[Cryptography] SSL Certificates are expiring...
Phillip Hallam-Baker
phill at hallambaker.com
Sun Feb 16 12:56:10 EST 2020
On Sat, Feb 15, 2020 at 9:24 PM John Kelsey <crypto.jmk at gmail.com> wrote:
> In security, "trusted" should be translated as "can screw me over."
>
> --John
>
I made myself unpopular at the first Trusted Computing Group meeting
pointing out that MSDOS is trusted, it just isn't trustworthy. Microsoft
got the point, most others did not.
Yes, I get the fact that most people in this business are inclined to a
suspicious view of the world. But if we are going to have people who have
never met trust each other sufficiently to accurately assess the risk of a
transaction, our choices are limited. We can either trust them blind or
make use of a TTP.
What I plan to do once I can work again is to write up ceremonies for
onboarding and contact exchange. Carl Ellison raised this years back.
One tool we need to make use of is the Haber-Stornetta hash chain notary
(without the blockchain ideology). This is interesting because it gives you
many TTP capabilities in an untrusted or very limited trust service.
Ceremony: QR code exchange of credentials.
Alice meets Bob in person, they both have smart phones with display, camera
and network affordances. They agree to exchange credentials.
Alice starts her credential exchange app and selects the credential she
wishes to exchange, it presents a QR code.
Bob scans the QR code and selects the credential he wishes to exchange.
Protocol stuff happens using the QR code to establish a work factor of at
least 2^128.
Alice and Bob review the credentials their device received and accept (or
reject) them.
Ceremony: Conference notary binding
Now lets say we do exactly the same but at an IETF and Alice registers her
credential with a kiosk. And then we enroll the result in a DARE Sequence
(which is authenticated by a Merkle tree).
Notice we did not actually validate Alice's credential. But even without
that we have an interesting data point, someone attended a conference and
purported to be Alice in Feb 2020. And we know that date with essentially
100% assurance because of the Merkle tree (assuming we tie that to other
notaries).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20200216/e84df233/attachment.htm>
More information about the cryptography
mailing list