Ian G wrote:
> Actually, there are many problems. If you ask the low-level crypto
> guys, they say that the HI is the problem. If you ask the HI guys, they
> say that the PKI concept is the problem. If you ask the PKI people,
> they say the users are not playing the game, and if you ask the users
> they say the deployment is broken ... Everyone has got someone else to
> blame.

This is, in my experience, exactly right. I'm trying to take some steps for the better on the OLPC: all e-mails and IMs will be signed transparently and by default, with the possibility of being encrypted by default in countries where it's not a problem. This'll help with privacy and message integrity, but it's not designed to stop phishing or impersonation.

Phishing is less of an immediate problem for us, as there's little incentive to phish 6-year-olds in developing countries. But it will be a problem eventually, and by then, it might be extremely difficult to introduce sweeping changes in the security and HCI model to remedy the problem.

One tremendous advantage we have now with OLPC is the ability to ignore backwards compatibility for a number of things, so if we had a really good model for dealing with phishing and the like -- even if it required new assumptions or approaches -- we could probably do it.

So maybe it's time (for us, perhaps) to organize a workshop on this? Is there a better way to do it?

--
Ivan Krstić <[EMAIL PROTECTED]> | GPG: 0x147C722D

---------------------------------------------------------------------
The Cryptography Mailing List