Yes they do. The difference being that if public keys are going to be forged in the circle of trust system, a whole lot of systems have to be compromised. With PKI, you're putting all your eggs in that one basket. And if you lose control of it. That's it. Game over. You're in trouble. And that's always the issue with centralization of anything.
My .02. t ________________________________ From: Technomage <[email protected]> To: [email protected] Sent: Sat, July 3, 2010 12:09:46 AM Subject: Re: OT: (or is it?) Interesting take on PKI and security On 7/1/10 6:36 PM, Mike Schwartz wrote: Interesting take on PKI and security >http://www.schneier.com/paper-pki-ft.txt >a favorite take-away quote, from it: >"[...] security is very difficult, both to understand and to implement. " The biggest problem with security is that most (nearly 99%) do not understand it, the reasons for it or how to implement and use it. Those few that do can largely be counted as a very small number (less than 1,000) in the entire field and a lot of them spent years leaning how. I personally know enough to know I *really* don't know nearly enough (and perhaps just enough to keep the honest people honest and that's about it). as for the 2 models presented, each has its own Achilles heal.
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
