[Cryptography] WireGuard

[Phillip Hallam-Baker]

The problem with a lot of the approaches is that the folk proposing them
start from the objective of eliminating all dependence on third parties,
not minimizing risk.

Governments are bad, CAs are bad, yak yak yak, chunter, chunter, chunter,
etc. etc.

The Web PKI was designed to authenticate and authorize Web sites. The
encryption part was merely a byproduct. The original design brief was to
make shopping online at least as secure and convenient as offline.

I find it rather interesting that some folk who were not part of those
discussions try to lecture those of us who were. But I digress.

I think that we could make key pinning practical but it would require folk
to limit their objective to protecting the user and require them to be less
absolutist about support for corner cases.

Remember that when all is said and done, Google, Mozilla, Apple, Microsoft
or whoever will be the third party you trust, likely two of them plus your
AV provider.

The question to ask is what to do if a certificate is presented that does
not meet the key pinning criteria. And this is a policy that the key
pinning mechanism should allow the subject to specify ranging from, 'accept
an alternative cert provided it is EV to require countersignatures from
five EV CAs to 'shoot me in the foot, I have a death wish'.

Remember that any subject security policy can always be overridden by your
browser provider and/or your platform provider.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180901/48fcb9af/attachment.html>