The problem with shifts of faith is that if there is really a groundswell
against, we're as likely to miss it. People who leave generally do exactly
that, and don't bother talking about it.
That said ..
Some of us observe a third, more likely approach: nothing significant
happens due to
On Sun, 2011-09-11 at 17:26 -0700, Paul Hoffman wrote:
On Sep 11, 2011, at 4:50 PM, Ian G wrote:
So, what happens now? As we all observe, there are two approaches to
dealing with the collapse of faith of the PKI system: incremental fixes,
and complete rewrite.
We don't all observe
In these long and extensive discussions about fixing PKI there
seems to be a fair degree of agreement that one of the reasons
for the current difficulties is the fact that there was no precisely
defined threat model, documented and agreed upon ~before~ the
SSL system was designed and deployed.
On Sun, Sep 11, 2011 at 7:09 AM, Jon Callas j...@callas.org wrote:
PGP is of course the most notorious consensus system. There's a lot of good
things about it. It's very resilient in the face of unreliable authorities
(think Nasrudin). A number of proposals on how to fix the SSL problem adopt
In summary, Jon Callas wrote, about the challenges of ascertaining
identities:
The who who make you an authority are the community,
and they do it because you act like one.
This is just one of three models of identity assessment, prior to any
technological component:
one's reputation in
On Sun, Sep 11, 2011 at 1:09 AM, Jon Callas j...@callas.org wrote:
We're all in the middle of a maze trying to get back. It's easier to
understand things if you start at the beginning and walk your way forward.
(It's often even easier to start at the end and walk backwards, too, but I
don't
On Mon, Sep 12, 2011 at 9:15 AM, M.R. makro...@gmail.com wrote:
In these long and extensive discussions about fixing PKI there
seems to be a fair degree of agreement that one of the reasons
for the current difficulties is the fact that there was no precisely
defined threat model, documented
On Sep 12, 2011, at 7:15 AM, M.R. wrote:
In these long and extensive discussions about fixing PKI there
seems to be a fair degree of agreement that one of the reasons
for the current difficulties is the fact that there was no precisely
defined threat model, documented and agreed upon
On Sun, Sep 11, 2011 at 10:45 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
James A. Donald jam...@echeque.com writes:
On 2011-09-11 9:10 AM, Andy Steingruebl wrote:
1. Phishing isn't the only problem right?
2. To some degree this is a game where we have to guess their next
step, and make
On Sun, Sep 11, 2011 at 8:37 AM, Douglas Huff dh...@jrbobdobbs.org wrote:
On Sep 11, 2011, at 9:25 AM, Thierry Moreau wrote:
E.g. http://datatracker.ietf.org/wg/dane/ (DNS-based Authentication of Named
Entities (dane))
Which makes a huge assumption about DNS SEC that is just not realistic.
M.R.,
In these long and extensive discussions about fixing PKI there
seems to be a fair degree of agreement that one of the reasons
for the current difficulties is the fact that there was no precisely
defined threat model, documented and agreed upon ~before~ the
SSL system was designed and
On 13/09/2011, at 0:15, M.R. makro...@gmail.com wrote:
In these long and extensive discussions about fixing PKI there
seems to be a fair degree of agreement that one of the reasons
for the current difficulties is the fact that there was no precisely
defined threat model, documented and
On 09/12/2011 01:45 PM, M.R. wrote:
The system is not expected to protect individual
liberty, life or limb, nor is it expected to protect high-value
monetary transactions, intellectual property assets, state secrets
or critical civic infrastructure operations.
It never was, and yet, it is
Paul Hoffman paul.hoff...@vpnc.org writes:
We don't all observe that. Some of us observe a third, more likely
approach: nothing significant happens due to this event. The collapse of
faith is only among the security folks whose faith was never there in the
first place. A week after the event, who
On 13/09/2011, at 5:12, Marsh Ray ma...@extendedsubset.com wrote:
It never was, and yet, it is asked to do that routinely today.
This is where threat modeling falls flat.
The more generally useful a communications facility that you develop, the
less knowledge and control the engineer
Peter Gutmann pgut...@cs.auckland.ac.nz commented:
#[0] I'm being conservative here, in practice I don't recall seeing anyone
#expressing faith in PKI, but I didn't read every one of the vast numbers
#of comments.
Well, I'd suggest that NIST 800-63
Jon, I think there was a great deal of wisdom in your post. I'd add only one
thing: a pointer to the definition of dialog box at
http://www.w3.org/2006/WSC/wiki/Glossary .
___
cryptography mailing list
cryptography@randombit.net
On Sep 12, 2011, at 2:02 AM, Ian G wrote:
(There are likely some Googlers on this list who can speak authoritatively
on whether their management are scared as hell or even noticing.)
Googlers are unlikely to do so. Google has a firm rule about not discussing
business outside the company.
On 2011-09-13 5:22 AM, Peter Gutmann wrote:
Some years ago I predicted that it'd take an Enron-scale catastrophe to
finally get browser security fixed.
Note that Enron led to Sarbanes Oxley, which mandated a mighty
bureaucracy to do even more of what accountants had been doing before Enron.
On 13/09/11 00:09, Marsh Ray wrote:
The more generally useful a communications facility that you develop,
the less knowledge and control the engineer has about the conditions
under which it will be used.
If that describes the current situation, it also tells us why
software engineering is
20 matches
Mail list logo