Hi Karl,

Whilst taking the risk of looking like someone from Microshot, Netscape or the
others, some comments on your pleas for clarity.

> There are two separate things that secure web servers do.
>
> 1. Authenticate who you're talking to, so that when you engage in
> commerce you have some indication that the merchant you think you're
> dealing with is really who you're dealing with.
>
> 2. Encrypt the data so that it cannot be intercepted between the
> sending and receiving machines.

True. Crypto allows for two other quite basic functions: non-repudiation
and integrity. You only mentioned authenticity and confidentiality.

> These are NOT the same function, and needing one of them does not imply
> needing the other.

True.

> Yet, in today's world, you cannot have one without the other, which means
> that to get EITHER you must pay someone.

The pay part is untrue. If you really don't care about authenticity but
only are interested in confidentiality of your datastream (if you cannot
verify the authenticity of the entities on either side of your datastream I
think you're quite vulnerable to losing your confidentiality, but that's
your choice) you can just generate your own certificate. What is true is
that those stupid browser applications refuse to see key generation and the
*possible* certification as different steps. With openssl of course this is
possible.

> Contrast this with PGP for email, in which I can publish a public key and
> once you obtain it you're able to receive an encrypted communication from
> me and decode the traffic. My generation of that key pair does not require
> that it be "certified" by any third party.

I hope you made some typo here. You do not use the thing conceptually
referred to as "public key" to decode encrypted traffic/messages. That's
what the private thingie is for. The public part is for signature
verification (i.e. verifying the private part has been used to encrypt a piece
of data).

Problem with your PGP schema is that I can publish my public key on the
keyserver (let's say the keys.pgpi.net which I trust a lot ;), you can get it
there and use it to crypt data for me. Essential problem here: how do you
know that the key you're using is mine and not from someone claiming to be
me (by entering *my* email address and name during key generation)? Using
signatures --> signature=certificate.

I agree the key generation and the certification process *should* be
separated, also in browsers. It is *not* possible for me to make a copy of
my oh so valuable private browser key *before* I receive my certificate
(which can be up to five days according to our certification practice
statement) which bothers me very much. I cannot revoke the certificate and
just use the same key again.

So, concluding:
You're right in stating encryption and authentication are two separated
things and being unable to use encryption without authentication is stupid.
You're wrong in your assumption of the usefulness this has.

Jan
--
alive ~ true
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
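
The separation of key generation from certification that the message above says is possible with openssl, shown as an added example that is not part of the original message. It assumes the `openssl` command-line tool is installed; the file names and the subject `www.example.test` are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original message. File names and the subject
# "www.example.test" are constructed placeholders.
set -eu

# SHA-256 of the public key inside a private key, CSR or certificate.
pubkey_fp() {  # usage: pubkey_fp key|req|x509 FILE
    case "$1" in
        key)  openssl pkey -in "$2" -pubout -outform DER ;;
        req)  openssl req  -in "$2" -noout -pubkey | openssl pkey -pubin -outform DER ;;
        x509) openssl x509 -in "$2" -noout -pubkey | openssl pkey -pubin -outform DER ;;
    esac 2>/dev/null | openssl dgst -sha256 -r | cut -d' ' -f1
}

make_key_and_certs() {  # usage: make_key_and_certs DIR
    # Step 1: key generation only. No CA is involved, so the private key can
    # be backed up before any certificate exists.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/server.key" 2>/dev/null
    chmod 600 "$1/server.key"
    # Step 2a: encryption without third-party certification (self-signed).
    openssl req -new -x509 -key "$1/server.key" -subj "/CN=www.example.test" \
        -days 30 -out "$1/selfsigned.crt"
    # Step 2b: optional certification, later or repeated, with the same key.
    openssl req -new -key "$1/server.key" -subj "/CN=www.example.test" \
        -out "$1/server.csr"
}

same_key() {  # true if key, self-signed cert and CSR carry one public key
    k=$(pubkey_fp key "$1/server.key")
    [ -n "$k" ] &&
        [ "$k" = "$(pubkey_fp x509 "$1/selfsigned.crt")" ] &&
        [ "$k" = "$(pubkey_fp req "$1/server.csr")" ]
}

is_self_signed() {  # the certificate verifies against itself, no CA needed
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

dir=$(mktemp -d)
trap 'rm -rf "$dir"' EXIT
make_key_and_certs "$dir"
same_key "$dir" && echo "key, self-signed cert and CSR share one public key"
is_self_signed "$dir/selfsigned.crt" && echo "certificate is self-signed"
```

A client has no way to tell this self-signed certificate from one generated by anyone else using the same name, which is the authenticity gap the message describes.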