[Cryptography] Verisimilitrust

Phillip Hallam-Baker phill at hallambaker.com
Sun Jan 10 21:25:53 EST 2016


On Sun, Jan 10, 2016 at 11:50 AM, ianG <iang at iang.org> wrote:
> On 10/01/2016 02:29 am, Phillip Hallam-Baker wrote:
>>
>> SIGH.
>>
>> The WebPKI was designed for the purpose of allowing people to buy
>> stuff from online stores with at least the same degree of security as
>> through traditional mail order or in traditional stores. That is all
>> it was ever designed to do. If you are upset that it is not proof
>> against certain attacks ask yourselves why you were using a system
>> that was never designed to meet those requirements.
>
>
>
> Then, the requirement wasn't for strong MITM protection because mail order
> or traditional stores already suffer MITM.
>
> So, I disagree.  The WebPKI was designed to use some technology that
> happened to have been at hand at the time.  Retail just happened to be the
> driver for it, so the security model was crafted to make retail appear so
> that it needed that technology.

Not at all. I would have much rather avoided X.509 entirely. The only
things used in the Web PKI are certificate chaining, the basic key
formats and the notion of extensions.

There were requirements considered outside retail but mostly in the EDI area.


>> Oh that's right, the WebPKI is the only open PKI that has ever been
>> deployed and become ubiquitous.
>
>
> Which is not true.  SSH, Skype, and all the other chat programs out there...

Open PKI is a technical term. Skype is not an open PKI; it is a closed
model, which greatly simplifies their trust considerations: all the
parties have direct contractual relationships. SSH is not really a PKI
in the sense of providing a general trust infrastructure; it is
limited to point-to-point. It certainly doesn't meet Baum's definition
of an Open PKI.

>> Plenty of folk had much better ideas
>> about how to make much more capable systems than I ever did. Which is
>> of course why you have all been using them for the past decade.
>
> :)  Let's not move the goalposts.  The original topic was the use of the
> word trust.

And as usual, everyone dumps on my work. To which I say, fine, there
are things I would like to change as well. But let's not start from the
assumption that the only thing holding the industry back is the one
solid achievement we can claim.

