Ben Laurie <[email protected]> writes: >a) Key continuity is nice, but ... are you swapping one set of problems for >another? What happens when I lose my key? How do I roll my key? I just added >a second server with a different key, and now a bunch of users have the >"wrong" key - what do I do? How do I deal with a compromised key?
The slides are actually material taken from a book draft, which covers key continuity issues in some detail. So the (non :-)-answer in this case is "See the section on key continuity on page X". >b) Entering passwords on a new site: again, nice, but how will you detect >sites that merely mimic password entry? Wide acceptance would lead to >avoidance techniques that seem hard to detect. Uhh, I'm not sure what the point is here, why would a site mimic password entry? Another thing to remember is that all of this is risk-assessment, not the boolean "has a cert" that browsers currently use. Very emphatically not the browsers' "has a cert" mechanism. So even with a worst-case key-continuity failure, at most you're going to move the risk slider some way towards "more risky" so that you have to fall back on other measures to assess a site's safety. That's the main contribution of the slides, that we need to diversify our measures and get away from the "has a cert -> good" that's never really worked since it was introduced. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
