On Mon, Oct 21, 2013 at 2:58 PM, DataPacRat <[email protected]> wrote:
> I've just posted a new version of a draft for an extension to the > current vCard format, "Signed vCards" [1]. The general idea is to use > existing encryption techniques to turn an existing format for > "identity description" into one for "identity authentication", > including non-email-based identifiers, change of identifiers over > time, publication and revocation of keys, and so forth. > > The reason I'm putting all of this together is that, after finding out > just how brittle the current Certificate Authority system is, I wanted > to have a replacement that was much mushier and resistant to root-CA > hijacking, possibly based on some form of web-of-trust. I'm currently > trying to teach myself enough about webfist [2] to see if it can be > adapted for the purpose, likely by replacing its current DKIM-based > authentication system. My thought is that if that can be made to work, > then it may be feasible to try combining Signed vCards with CA-style > certificates. > > There's also the possibility that I'm completely deluded about the > whole approach. I'm not an expert in the field; I'm just trying to > find a solution that's within my meager skills. So I'm hoping to evoke > as much feedback and constructive criticism as I can. Since swapping > out hierarchical CAs for a system more resistant to a subpoena attack > would seem to help reduce pervasive monitoring, this list seems a > worthwhile place to discuss it. > I think you need to work out how to evaluate how trust in the Web of Trust is evaluated: http://tools.ietf.org/html/draft-hallambaker-prismproof-trust-00 You can accuse the CA system of being 'brittle' but so is Web of Trust once you get past the keys that you signed directly yourself. Putting the key in a vcard only addresses one part of the problem, you need to know whether you have the right vcard. An attacker that can knock over a CA will have no trouble knocking over a simple vcard scheme either. To replace that system you have to show that what you propose as a replacement is actually stronger and that it is not susceptible to sovereign control by a single government (at minimum, some of us are not going to be any more happy with a group of governments acting in concert unless you can assure us that they will not collude). Where vcard is supported, it makes a fine mechanism for converting a key identifier to a key. It is a less good mechanism for establishing trust in a key which is what most of us see as the hard part. -- Website: http://hallambaker.com/
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
