A mighty fortress is our PKI, Part II
Perry E. Metzger
perry at piermont.com
Wed Jul 28 10:05:22 EDT 2010
On Wed, 28 Jul 2010 14:38:53 +0100 Ben Laurie <ben at links.org> wrote:
> On 28/07/2010 14:05, Perry E. Metzger wrote:
> > It is not always the case that a dead technology has failed
> > because of infeasibility or inapplicability. I'd say that a
> > number of fine technologies have failed for other reasons.
> > However, at some point, it becomes incumbent upon the proponents
> > of a failed technology to either demonstrate that it can be made
> > to work in a clear and convincing way, or to abandon it even if,
> > on some level, they are certain that it could be made to work if
> > only someone would do it.
>
> To be clear, I am not a proponent of PKI as we know it, and
> certainly the current use of PKI to sign software has never
> delivered any actual value, and still wouldn't if revocation worked
> perfectly.
>
> However, using private keys to prove that you are (probably) dealing
> with the same entity as yesterday seems like a useful thing to do.
I agree with that fully.
> And still needs revocation.
Does it?
I will point out that many security systems, like Kerberos, DNSSEC and
SSH, appear to get along with no conventional notion of revocation at all.
> Is there a good replacement for pk for this purpose?
I think public key cryptography is a wonderful thing. I'm just not
sure I believe at all in PKI -- that is, persistent certification via
certificates, certificate revocation, etc.
PKI was invented by Loren Kohnfelder for his bachelor's degree thesis
at MIT. It was certainly a fine undergraduate paper, but I think we
should forget about it, the way we forget about most undergraduate
papers.
Perry
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list