On 17/09/11 17:56, lodewijk andré de la porte wrote:
...therefore assumes others assume SSL to be broken by design...
SSL is not broken by design!
SSL was designed to protect relatively low-value retail commerce,
and it still does that job reasonably well.
What failed were our mechanisms to
On 2011-09-18 3:37 PM, Marsh Ray wrote:
Now you may be a law-and-order type fellow who believes that lawful
intercept is a magnificent tool in the glorious war on whatever. But if
so, you have to realize that on the global internet, your own systems
are just as vulnerable to a lawfully executed
On 2011-09-18 4:34 PM, M.R. wrote:
SSL was designed to protect relatively low-value retail commerce,
and it still does that job reasonably well.
What failed were our mechanisms to ensure that system usage regime does
not exceed it's design parameters. If I can be flippant, SSL was a
pedestrian
On Sun, Sep 18, 2011 at 1:37 AM, Marsh Ray ma...@extendedsubset.com wrote:
On 09/17/2011 11:59 PM, Arshad Noor wrote:
The real problem, however, is not the number of signers or the length
of the cert-chain; its the quality of the certificate manufacturing
process.
No, you have it exactly
On Sun, Sep 18, 2011 at 5:18 AM, Ian G i...@iang.org wrote:
On 18/09/11 8:38 AM, Jeffrey Walton wrote:
On Fri, Sep 16, 2011 at 1:07 PM, M.R.makro...@gmail.com wrote:
On 16/09/11 09:16, Jeffrey Walton wrote:
The problem is that people will probably die
due Digitar's failure.
I am not the
On 18/09/11 09:12, Jeffrey Walton wrote:
If you can secure the system from the government...
I can't possibly be the only one here that takes the
following to be axiomatic:
+++
A communication security system, which depends on a corporate
entity playing a role of a ~trusted-third-party~, can
On 18/09/11 08:59, James A. Donald wrote:
If we acknowledge that SSL is not secure, then need
something that is secure.
Nothing is either secure, or not secure. Any engineering
system is either secure for the purpose it was designed for,
or it is not. SSL is secure, since it is secure for the
On 18/09/11 2:59 PM, Arshad Noor wrote:
On 09/17/2011 09:14 PM, Chris Palmer wrote:
Thus, having more signers or longer certificate chains does not reduce
the probability of failure; it gives attackers more chances to score a
hit with (our agreed-upon hypothetical) 0.01 probability. After just
On 18/09/11 1:54 PM, Arshad Noor wrote:
When one connects to a web-site, one does not trust all 500 CA's in
one's browser simultaneously; one only trusts the CA's in that specific
cert-chain. The probability of any specific CA from your trust-store
being compromised does not change just because
On 18/09/11 7:55 PM, M.R. wrote:
On 18/09/11 09:12, Jeffrey Walton wrote:
If you can secure the system from the government...
I can't possibly be the only one here that takes the
following to be axiomatic:
+++
A communication security system, which depends on a corporate
entity playing a
On Sun, Sep 18, 2011 at 6:43 AM, Ian G i...@iang.org wrote:
On 18/09/11 7:30 PM, Jeffrey Walton wrote:
Its kind of like the poor
man's cloud (and corporate america is flocking to the cloud, in part
due to the additional layer of liability offload).
! OK, I'll bite. How does one offload
http://us.cnn.com/2011/WORLD/europe/09/16/enigma.machine.auction/index.html
--Steve Bellovin, https://www.cs.columbia.edu/~smb
___
cryptography mailing list
cryptography@randombit.net
On 18/09/11 10:31, Ian G wrote:
On the other hand, a perfectly adequate low-level retail
transaction security system can best be achieved by using a
trusted-third-party, SSL-like system.
That's a marketing claim. Best ignored in any scientific
discussion.
Yes, I agree, let's ignore it!
In
On 09/18/2011 05:32 AM, Jeffrey Walton wrote:
The one thing I cannot palette: [many] folks in Iran had a
preexisting relationship with Google. For an Iranian to read his/her
email via Gmail only required two parties - the person who wants to
do the reading and the Gmail service. Why was a third
On 09/18/2011 03:05 AM, Ian G wrote:
You guys have a very funny way of saying probability equals 100% but
hey, ... as long as we get there in the end, who am I to argue :)
That is not what I'm saying, Ian. Just because you come across one
compromised CA out of 100 in the browser, does not
Ralph Holz h...@net.in.tum.de writes:
In the EFF dataset of the full IPv4 space, I find 773,512 such certificates.
Could these be from the bizarro Korean DIY PKI (the NPKI) that they've
implemented? Could you post (or email) some of the certs?
Peter.
Hi,
Are there weaknesses in PKI? Undoubtedly! But, there are failures
in every ecosystem. The intelligent response to certificate
manufacturing and distribution weaknesses is to improve the quality
of the ecosystem - not throw the baby out with the bath-water.
And how do you propose to go
On 09/18/2011 10:53 AM, Ralph Holz wrote:
Hi,
Are there weaknesses in PKI? Undoubtedly! But, there are failures
in every ecosystem. The intelligent response to certificate
manufacturing and distribution weaknesses is to improve the quality
of the ecosystem - not throw the baby out with the
Ian G i...@iang.org writes:
When it came to actual failures ... they are silent. Still. But they love
their merry-go-round :)
There are ways to get off the merry-go-round. I've now put the slides for the
talk I'd mentioned last week, that I did at EuroPKI, up at
Hi,
In the EFF dataset of the full IPv4 space, I find 773,512 such certificates.
Could these be from the bizarro Korean DIY PKI (the NPKI) that they've
implemented? Could you post (or email) some of the certs?
I don't think so. Here is a list of COUNT(issuers), issuers from the
EFF
Arshad Noor arshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the browser,
does not imply that the remaining 99 are compromised (which is what you are
implying with your statement).
Since browser PKI uses universal implicit cross-certification, it
Arshad Noor arshad.n...@strongauth.com writes:
Rather than shoot from the hip, the logical way to propose a solution would
be to write a paper on it and submit it to IDTrust 2012 for discussion. If
it is selected, it will have the merit of having been reviewed and deemed
worthy of discussion.
On 19/09/11 3:50 AM, Arshad Noor wrote:
On 09/17/2011 10:37 PM, Marsh Ray wrote:
It really is the fact that there are hundreds of links in the chain and
that the failure of any single weak link results in the failure of the
system as a whole.
I'm afraid we will remain in disagreement on
Ian asked:
#Right -- how to fix the race to the bottom?
Wasn't that supposed to be part of the Extended Validation solution?
If it has failed at that, and I could see arguments either way, the
other natural solution is probably government regulation. It likely
wouldn't be pretty, but imagine:
On 09/18/2011 12:50 PM, Arshad Noor wrote:
On 09/17/2011 10:37 PM, Marsh Ray wrote:
It really is the fact that there are hundreds of links in the chain and
that the failure of any single weak link results in the failure of the
system as a whole.
I'm afraid we will remain in disagreement on
On 2011-09-18 7:55 PM, M.R. wrote:
It follows then that we are not looking at replacing the SSL
system with something better, but at keeping the current
SSL - perhaps with some incremental improvements - for the
retail transactions,
These days, most retail transactions have a sign in.
Sign
On 2011-09-19 3:50 AM, Arshad Noor wrote:
I'm afraid we will remain in disagreement on this. I do not view the
failure of a single CA as a failure of PKI, no more than I see the
crash of a single airplane as an indictment of air-travel.
And similarly, you do not see a wall with a single man
On 2011-09-19 4:21 AM, Arshad Noor wrote:
Rather than shoot from the hip, the logical way to propose a solution
would be to write a paper on it and submit it to IDTrust 2012 for
discussion.
Oh come on!
Everyone is bored with IDtrust, which is why they have to keep changing
their name.
The
On 2011-09-19 5:30 AM, Joe St Sauver wrote:
If it has failed at that, and I could see arguments either way, the
other natural solution is probably government regulation.
Many CAs are already government entities, and most are arguably quasi
government entities - and by and large, the
On 19/09/11 6:53 AM, James A. Donald wrote:
On 2011-09-18 7:55 PM, M.R. wrote:
It follows then that we are not looking at replacing the SSL
system with something better, but at keeping the current
SSL - perhaps with some incremental improvements - for the
retail transactions,
These days, most
On 19/09/11 7:11 AM, Marsh Ray wrote:
Now that the cat's out of the bag about PKI in general and there's an
Iranian guy issuing to himself certs for www.*.gov seemingly at will,
Hmmm... did he do that?
That would seem to get the message across to the PKI proponents far
better than logic or
Hi Joe,
On 19/09/11 5:30 AM, Joe St Sauver wrote:
Ian asked:
#Right -- how to fix the race to the bottom?
Wasn't that supposed to be part of the Extended Validation solution?
In a way, it was. More particularly it was the fix to certificate
manufacturing. The obvious fix to low quality
Hi James,
On 19/09/11 1:39 PM, James A. Donald wrote:
On 19/09/11 6:53 AM, James A. Donald wrote:
These days, most retail transactions have a sign in.
Sign ins are phisher food.
SSL fails to protect sign ins.
On 2011-09-19 1:12 PM, Ian G wrote:
Hence, frequent suggestions to uptick the
On 09/18/2011 03:33 PM, James A. Donald wrote:
On 2011-09-19 3:50 AM, Arshad Noor wrote:
I'm afraid we will remain in disagreement on this. I do not view the
failure of a single CA as a failure of PKI, no more than I see the
crash of a single airplane as an indictment of air-travel.
And
On 09/18/2011 01:12 PM, Marsh Ray wrote:
But the failure of *any* single CA allows a successful attack on *every*
user connecting to *every* https website.
Would you care to explain this in more detail, Marsh?
Please feel free to frame your explanation as if you were
explaining this to a
35 matches
Mail list logo