On Thu, Nov 14, 2013 at 6:11 PM, Matt Miller <linuxw...@outer-planes.net> wrote:

> On Nov 14, 2013, at 10:43 AM, Ralf Skyper Kaiser <sky...@thc.org> wrote:
>
> > On Thu, Nov 14, 2013 at 4:49 PM, Matt Miller <linuxw...@outer-planes.net> wrote:
> >
> > > On Nov 14, 2013, at 9:34 AM, Ralf Skyper Kaiser <sky...@thc.org> wrote:
> > >
> > > > On Thu, Nov 14, 2013 at 4:24 PM, Dave Cridland <d...@cridland.net> wrote:
> > > >
> > > > > On Thu, Nov 14, 2013 at 4:09 PM, Matt Miller <linuxw...@outer-planes.net> wrote:
> > > > >
> > > > > > On Nov 14, 2013, at 8:33 AM, Ralf Skyper Kaiser <sky...@thc.org> wrote:
>
> > (In fact it's not just the root key that the user/admin has to trust but
> > all keys up to his subdomain).
>
> No, it's really just the root key everyone places trust in; each other key
> is signed by the next key up in the chain.

No. The user has to trust ALL keys and not just the single ROOT KEY. The user has to trust:

1. The key was generated securely (enough bits, good primes, ...)
2. A good RNG was used (hi debian! Thanks for a bad RNG).
3. The key is not leaked (on purpose) by _any_ of the admins in the domain chain
4. The key is stored securely and not stolen
5. ...

This list is incomplete...and goes on and on.

Maybe this example gives a better idea:

User in Iran. Jabber admin sets up a jabber server at myjabberserver.my-university.ir.

The user has to trust ROOT (domain "."). ROOT is ultimately geopolitically aligned with the US.
The user has to trust .IR. That's ultimately the Iranian government.
The user has to trust MY-UNIVERSITY.IR (which is ultimately aligned with Mr. Khomeini).
The user has to trust MYJABBERSERVER.my-university.ir, which is the actual jabber server admin.

<SARCASM>
That really sounds like a great idea! Unless of course
1. You are a gay person in Iran
2. An Atheist in Saudi Arabia (or a woman)
3. Leonardo da Vinci and dare to suggest that the earth is round
4. A black person wishing to sit in the front row of a bus
5. ...
</SARCASM>

DANE does not protect any of the above people. DANE just does not cut it.
Not in a Post-Prism world. Certificate Pinning does.

regards,
ralf
_______________________________________________
JDev mailing list
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: jdev-unsubscr...@jabber.org
_______________________________________________