[Cryptography] client certificates ... as opposed to password hashing
ianG
iang at iang.org
Wed May 28 19:07:07 EDT 2014
On 27/05/2014 16:04 pm, Joe St Sauver wrote:
> But what about routine use? *If* all the user is doing is S/MIME, and
> everyone uses the same key for signing as for encryption, key exchange
> via signed messages works okay, and most popular email IMAP clients
> support S/MIME and you can even use something like Penango for web email
> (free for free Gmail account users). That largely just works.
Well, it passes the demo but not really practical.
The problem is that within a community of say 10+ there is always
someone who is losing their key for some reason. E.g., cert expired.
Which then requires a long period for that person to wake up and find
another cert. During that time, that person's offline.
My call is that S/MIME fails routine use.
The only practical way around this is a keyserver approach, and even
that requires the keys to not expire, practically. Note that the same
problem occurs with OpenPGP; when people expire their keys too
frequently, others get out of sync and stop talking to them. Only the
NSA enjoys this scenario.
> HOWEVER, routine use gets harder when:
>
> -- you're trying to more than just S/MIME
> -- you're trying to work beyond just the enterprise, and there's no
> global directory
> -- you have multiple client certs (e.g., a non-repudiable signing cert
> and an escrowed encryption cert, perhaps)
> -- you want to use smartcards or USB-format PKI hard tokens to store your
> certificates
>
> What's really missing to-date has been use cases for client certs, at least
> in the academic community.
Use case happily from the CAcert community. Short story: every Assurer
has to have a cert in their browser so the provisioning problem is
solved by some other factor. With that benefit, client certs work fine
*iff* the client software is up to the job.
http://wiki.cacert.org/Technology/KnowledgeBase/ClientCerts
> If I just want to do signed or encrypted email, PGP/GNU PrivacyGuard is a
> compelling alternative.
For email, yes. It is only the GUI clients that are not really robust
there.
iang
More information about the cryptography
mailing list