[Cryptography] Moving forward on improving HTTP's security
Greg
greg at kinostudios.com
Thu Dec 12 16:15:43 EST 2013
> The solution is yurls, Zooko's triangle, and, here comes the hard part, squaring Zooko's triangle.
I agree 100%.
Happy to announce okTurtles and DNSNMC: http://okturtles.com
--
Please do not email me anything that you are not comfortable also sharing with the NSA.
On Nov 15, 2013, at 12:01 AM, James A. Donald <jamesd at echeque.com> wrote:
> On 2013-11-14 15:46, Greg wrote:
>> On Nov 13, 2013, at 7:05 PM, John Kelsey <crypto.jmk at gmail.com
>> <mailto:crypto.jmk at gmail.com>> wrote:
>>> So your solution is what? Continue sending data in the clear?
>>
>> The basics would be to not use the CAs. Working on rest of details,
>> they're mostly finished, just gotta make 'em nice 'n pretty. And some
>> code would be good, too.
>
> The not quite good enough is the enemy of the adequate.
>
> The problem with CAs is that Bob usually knows more about Carol that the CA knows about Bob or Carol. Thus "trust" between Bob and Carol supplied by the CA tends to be inconvenient, expensive and unsafe.
>
> Introducing a distant third party between Bob and Carol is a security hole, not a security solution.
>
> The solution is yurls, Zooko's triangle, and, here comes the hard part, squaring Zooko's triangle.
>
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131212/730f84b2/attachment.pgp>
More information about the cryptography
mailing list