On Wed, 28 Jul 2010 11:23:16 -0500 Nicolas Williams <nicolas.willi...@oracle.com> wrote:
> On Wed, Jul 28, 2010 at 11:20:51AM -0500, Nicolas Williams wrote:
> > On Wed, Jul 28, 2010 at 12:18:56PM -0400, Perry E. Metzger wrote:
> > > Again, I understand that in a technological sense, in an ideal
> > > world, they would be equivalent. However, the big difference,
> > > again, is that you can't run Kerberos with no KDC, but you can
> > > run a PKI without an OCSP server. The KDC is impossible to
> > > leave out of the system. That is a really nice technological
> > > feature.
> >
> > Whether PKI can run w/o OCSP is up to the relying parties. Today,
> > because OCSP is an afterthought, they have little choice.
>
> Also, requiring OCSP will probably take less effort than switching
> from PKI to Kerberos. In other words: everything sucks.
I wouldn't suggest that everything on earth move to Kerberos. I mentioned Kerberos only to show that entirely different models are possible.

As to OCSP being a reasonable solution because it can be deployed easily, it clearly will not solve the browser security problem. So long as security depends on reliance on the lowest common denominator among the policies of hundreds of CAs, many of which are quite questionable, and so long as the certifications made by even the best of those CAs are effectively meaningless, and so long as the users are well trained to ignore every browser warning they ever get, the entire question of OCSP is somewhat irrelevant -- it would just be a way of spritzing the skunk with eau de cologne.

I fully recognize that the odds we will fix the browser security problem are very low, if only because no one can deploy a truly new solution in a world where we can't even get IE 6 to die. However, in discussing this at a high level, as though we could improve things, we shouldn't kid ourselves about the current model. It is fatally broken. Hanging garlands from the corpse's ears will not convince anyone that it has a vibrant future ahead.

Perry

-- 
Perry E. Metzger pe...@piermont.com