On Mon, 26 Aug 2013 10:40:17 -0700 Ray Dillinger <b...@sonic.net> wrote: > On 08/25/2013 03:28 PM, Perry E. Metzger wrote: > > > So, imagine that we have the situation described by part 1 (some > > universal system for mapping name@domain type identifiers into > > keys with reasonable trust) and part 2 (most users having some > > sort of long lived $40 device attached to their home network to > > act as a "home server".) > > My main issue with this proposal is that somebody identifiable is > going to manufacture these boxes. Maybe several somebodies, but > IMO, that's an identifiable central point of control/failure.
One can use a commercial PC if one wants to install on one's own, or any one of many manufacturers of small boxes. It is certainly the case that the hardware layer can be attacked, all is lost. On the other hand, if we presume supply chain attacks, all is lost anyway -- once you control the computer, the protocols it is running don't matter. Even keyboards can be suborned -- see Gaurav Shah's work on that, for example. I would prefer not to try to solve that problem right now -- it is too broad and too general. If others can solve it, that's of course a great thing. :) Perry -- Perry E. Metzger pe...@piermont.com _______________________________________________ The cryptography mailing list firstname.lastname@example.org http://www.metzdowd.com/mailman/listinfo/cryptography