A mighty fortress is our PKI, Part II
James A. Donald
jamesd at echeque.com
Thu Jul 29 05:19:16 EDT 2010
On 2010-07-29 12:18 AM, Peter Gutmann wrote:
> This does away with the need for a CA,
> because the link itself authenticates the cert that's used.
>
> Then there are other variations, cryptographically generated addresses, ...
> all sorts of things have been proposed.
>
> The killer, again, is the refusal of any browser vendor to adopt any of it.
Bittorrent links have this property. A typical bittorent link looks
like
magnet:?xt=urn:btih:2ac7956f6d81bf4bf48b642058d31912479d8d8e&dn=South+Park+S14E06+201+HDTV+XviD-FQM+%5Beztv%5D&tr=http%3A%2F%2Fdenis.stalker.h3q.com%3A6969%2Fannounce
It is the equivalent of an immutable file in Tahoe.
> In the case of FF someone actually wrote the code for them, and it was
> rejected. Without support from browser vendors, it doesn't matter what cool
> ideas people come up with, it's never going to get any better.
The browser vendors are married to the CAs
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list