Re: [EMAIL PROTECTED]: Re: [p2p-hackers] P2P Authentication]

2005-10-28 Thread R.A. Hettinga 
At 9:27 PM -0700 10/27/05, cyphrpunk wrote:
Every key has passed
through dozens of hands before you get to see it. What are the odds
that nobody's fucked with it in all that time? You're going to put
that thing in your mouth? I don't think so.

So, as Carl Ellison says, get it from the source. Self-signing is fine, in
that case. Certificates, CRLs, etc., become more and more meaningless as
the network becomes more geodesic.

Using certificates in a P2P network is like using a condom. It's just
common sense. Practice safe cex!

Feh. You sound like one of those newbs who used to leave the plastic wrap
on his 3.5 floppy so he wouldn't get viruses...

Cheers,
RAH
What part of non-hierarchical and P2P do you not understand?

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: [EMAIL PROTECTED]: Re: [p2p-hackers] P2P Authentication]

2005-10-28 Thread cyphrpunk 
 From: Kerry Bonin [EMAIL PROTECTED]
 Date: Thu, 27 Oct 2005 06:52:57 -0700
 To: [EMAIL PROTECTED], Peer-to-peer development. [EMAIL PROTECTED]
 Subject: Re: [p2p-hackers] P2P Authentication
 User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
 Reply-To: Peer-to-peer development. [EMAIL PROTECTED]

 There are only two good ways to provide man-in-the-middle resistant
 authentication with key repudiation in a distributed system - using a
 completely trusted out of band channel to manage everything, or use a
 PKI.  I've used PKI for 100k node systems, it works great if you keep
 it simple and integrate your CRL mechanism - in a distributed system the
 pieces are all already there!  I think some people are put off by the
 size and complexity of the libraries involved, which doesn't have to be
 the case - I've got a complete RSA/DSA X.509 compliant cert based PKI
 (leveraging LibTomCrypt for crypto primitives) in about 2k lines of C++,
 30k object code, works great (I'll open that source as LGPL when I
 deploy next year...)  The only hard part about integrating into a p2p
 network is securing the CA's, and that's more of a network security
 problem than a p2p problem...

It's great to see this guy showing up yet another of the false dogmas
of the crypto hacker community: PKI can't work. According to this
view, only old fogies and tight ass bureaucrats believe in certifying
keys. All the cool kids know that the best key is a bare key. After
all, MITM attacks never really happen, this was just an invented
threat designed to force poor college kids into paying hundreds of
dollars a year for a verisign certificate.

But when we come into the P2P world things look very different. Where
MITM would require special positioning in the old net, in a
distributed P2P network, everyone's a MITM! Every key has passed
through dozens of hands before you get to see it. What are the odds
that nobody's fucked with it in all that time? You're going to put
that thing in your mouth? I don't think so.

Using certificates in a P2P network is like using a condom. It's just
common sense. Practice safe cex!

CP