On 13/10/09 09:02 -0400, valdis.kletni...@vt.edu wrote: >On Sun, 11 Oct 2009 23:31:08 CDT, Dan White said: >> 3) Doing what we can to develop and increase our participation in a public >> key infrastructure and IPSEC. > >Unfortunately, most of the problems we have would *not* be fixed with more >crypto and IPSEC (with the exception of closing down unencrypted wireless and >making the standard there WPA2 or a better follow-on). I mean, *seriously*,
Sure it would. The idea of an IPSEC enabled PKI is that you have end-to-end security, with perhaps many untrusted networks in the middle. It means two-way trust. It means that the two parties communicating know exactly who each other are and know that no one else can listen in on their private communications. >You want to fix something - come up with a good way to enhance the trust for >websites that load from multiple places. Go read Schneier's "Secrets and >Lies", >he has a good chapter on SSL snake oil, but to sum it up with a re-quote >of an example from yesterday: > >If I'm on msnbc.msn.com, and click a link that takes me to discovery.com, >what reason does my browser have to trust the Flash content that gets >loaded from mstories.vo.llnwd.net? (Hint - your scheme has to work even >if discovery.com is compromised - if the hacker can change the link, there's >a good chance that if you depend on a digital signature of the page containing >the link, he can re-sign the page as well. Probably not for discovery.com, >which likely has separate devel and prod machines and the signing can happen >on the devel boxes - but there's a *lot* of "update in place" websites that >would almost certainly have the signing keys on the webserver. Bad idea, >I know, but it's gonna happen. I'm not sure I exactly follow the scenario. I need to trust that my bank knows what they're doing, or I'm not going to do online banking, or do any banking with them. Ditto for anyone else that handles my private data. I don't need to trust anything from msnbc.msn.com, or discovery.com, or a flash file found on one of those websites. You say SSL is snake oil? I don't really disagree with that. IPSEC is a very attractive antidote to it. -- Dan White _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
