A mighty fortress is our PKI, Part II
Perry E. Metzger
perry at piermont.com
Wed Jul 28 14:41:35 EDT 2010
On Wed, 28 Jul 2010 12:38:10 -0500 Nicolas Williams
<Nicolas.Williams at oracle.com> wrote:
> Again, if everything is too hard, why do we bother even talking
> about any of this? ETOOHARD cannot usefully be a retort to every
> suggestion.
Well, not everything is too hard. In fact, one of the important
characteristics of systems that work is that they're simple, and thus
tractable.
We were just discussing the problem of needing users to make fine
grained security decisions. Several obvious solutions exist here.
For example, the "there should be one mode, and it should be secure"
rule lowers the complexity users encounter quite a bit.
I know of at least one project to fix the browser PKI mess which
claims that they want to involve the users more, not less. This would
seem to be a big mistake to me.
On the other edge of the spectrum, many people now use quite secure
protocols (though I won't claim the full systems are secure --
implementation bugs are ubiquitous) for handling things like remote
login and file transfer, accessing shared file systems on networks,
etc., with little to no knowledge on their part about how their
systems work or are configured. This seems like a very good thing. One
may complain about many issues in Microsoft's systems, for example,
but adopting Kerberos largely fixed the distributed authentication
problem for them, and without requiring that users know what they're
doing.
Yet another reason (one of dozens) that X.509 has never worked right
for most users is the sheer number of knobs. There are too many
choices for mortals, and there will always be subtle configuration
failures that can catch even experts.
(I am reminded of the similar death-by-complexity of the IPSec
protocol's key management layers, where I am sad to report that even I
can't easily configure the thing. Some have proposed standardizing on
radically simplified profiles of the protocol that provide almost no
options -- I believe to be the last hope for the current IPSec suite.)
Perry
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list