>> Perhaps it's time to move away from public-key entirely!  We have a classic 
>> paper - Needham and Schroeder, maybe? - showing that private key can do 
>> anything public key can; it's just more complicated and less efficient.
> Not really. The Needham-Schroeder you're thinking of is the essence of 
> Kerberos, and while Kerberos is a very nice thing, it's hardly a replacement 
> for public key.
> If you use a Needham-Schroeder/Kerberos style system with symmetric key 
> systems, you end up with all of the trust problems, but on steroids....
I don't think we're really in disagreement here.  Much of what you say later in 
the message is that the way we are using symmetric-key systems (CA's and such), 
and the way browsers work, are fundamentally wrong, and need to be changed.  
And that's really the point:  The system we have is all of a piece, and 
incremental changes, sadly, can only go so far.  We need to re-think things 
from the ground up.  And I'll stand by my contention that we need to re-examine 
things we think we know, based on analyses done 30 years ago.  Good theorems 
are forever, but design choices apply those theorems to real-world 
circumstances.  So much has changed, both on the technical front and on 
non-technical fronts, that the basis for those design choices has fundamentally 

Getting major changes fielded in the Internet is extremely difficult - see 
IPv6.  If it can be done at all, it will take years.  But the alternative of 
continuing on the path we're on seems less desirable every day.

                                                        -- Jerry

The cryptography mailing list

Reply via email to