Hi Arshad,
It occurs to me that we're almost there.
On 22/09/11 02:30 AM, Arshad Noor wrote:
Thirdly, lets assume that the compromised CA has *explicitly* entered
into a cross-certification agreement with one or more other TTP CAs.
Right, they got themselves listed by the browsers, who hid
On 09/18/2011 11:59 AM, Peter Gutmann wrote:
Arshad Noorarshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the browser,
does not imply that the remaining 99 are compromised (which is what you are
implying with your statement).
Since browser PKI
On 09/18/2011 11:57 AM, Peter Gutmann wrote:
Arshad Noorarshad.n...@strongauth.com writes:
Are there weaknesses in PKI? Undoubtedly! But, there are failures in every
ecosystem. The intelligent response to certificate manufacturing and
distribution weaknesses is to improve the quality of
On Wed, Sep 21, 2011 at 12:30 PM, Arshad Noor
arshad.n...@strongauth.com wrote:
On 09/18/2011 11:59 AM, Peter Gutmann wrote:
Arshad Noorarshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the
browser,
does not imply that the remaining 99 are
Hi all,
On 22/09/11 02:30 AM, Arshad Noor wrote:
On 09/18/2011 11:59 AM, Peter Gutmann wrote:
Arshad Noorarshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the
browser,
does not imply that the remaining 99 are compromised (which is what
you are
On Wed, Sep 21, 2011 at 11:30 AM, ianG i...@iang.org wrote:
It's a good term! Add my use: There is a universal implicit
cross-certification in the secure browsing PKI, and the industry knows it,
or should know it.
Indeed, we can show evidence of this in Chrome's CA pinning.
I had assumed
On Mon, Sep 19, 2011 at 7:31 PM, Benjamin Kreuter brk...@virginia.edu wrote:
On 09/18/2011 05:11 PM, Marsh Ray wrote:
B. If your threat model considers as an adversary government A, then
you're in good company with governments B through Z. So all the comments
on won't save you from The
Marsh Ray wrote:
But the failure of *any* single CA allows a successful attack on *every*
user connecting to *every* https website.
On 2011-09-19 2:48 PM, Arshad Noor wrote:
Would you care to explain this in more detail, Marsh?
Please feel free to frame your explanation as if you were
On 09/18/2011 11:48 PM, Arshad Noor wrote:
On 09/18/2011 01:12 PM, Marsh Ray wrote:
But the failure of *any* single CA allows a successful attack on *every*
user connecting to *every* https website.
Would you care to explain this in more detail, Marsh?
Please feel free to frame your
James A. Donald jam...@echeque.com writes:
The peers who do the peer reviewing for IDtrust, are not peers at all, but
high priests who review for doctrinal conformity to the consensus of the the
most holy synod,
I know you meant that tongue-in-cheek, but in some cases it's frighteningly
close
On 09/18/2011 05:11 PM, Marsh Ray wrote:
B. If your threat model considers as an adversary government A, then
you're in good company with governments B through Z. So all the comments
on won't save you from The Government, while true, are also
potentially writing off your biggest ally.
Unless,
On 2011-09-18 3:37 PM, Marsh Ray wrote:
Now you may be a law-and-order type fellow who believes that lawful
intercept is a magnificent tool in the glorious war on whatever. But if
so, you have to realize that on the global internet, your own systems
are just as vulnerable to a lawfully executed
On Sun, Sep 18, 2011 at 1:37 AM, Marsh Ray ma...@extendedsubset.com wrote:
On 09/17/2011 11:59 PM, Arshad Noor wrote:
The real problem, however, is not the number of signers or the length
of the cert-chain; its the quality of the certificate manufacturing
process.
No, you have it exactly
On 18/09/11 2:59 PM, Arshad Noor wrote:
On 09/17/2011 09:14 PM, Chris Palmer wrote:
Thus, having more signers or longer certificate chains does not reduce
the probability of failure; it gives attackers more chances to score a
hit with (our agreed-upon hypothetical) 0.01 probability. After just
On 18/09/11 1:54 PM, Arshad Noor wrote:
When one connects to a web-site, one does not trust all 500 CA's in
one's browser simultaneously; one only trusts the CA's in that specific
cert-chain. The probability of any specific CA from your trust-store
being compromised does not change just because
On 09/18/2011 03:05 AM, Ian G wrote:
You guys have a very funny way of saying probability equals 100% but
hey, ... as long as we get there in the end, who am I to argue :)
That is not what I'm saying, Ian. Just because you come across one
compromised CA out of 100 in the browser, does not
Hi,
Are there weaknesses in PKI? Undoubtedly! But, there are failures
in every ecosystem. The intelligent response to certificate
manufacturing and distribution weaknesses is to improve the quality
of the ecosystem - not throw the baby out with the bath-water.
And how do you propose to go
On 09/18/2011 10:53 AM, Ralph Holz wrote:
Hi,
Are there weaknesses in PKI? Undoubtedly! But, there are failures
in every ecosystem. The intelligent response to certificate
manufacturing and distribution weaknesses is to improve the quality
of the ecosystem - not throw the baby out with the
Arshad Noor arshad.n...@strongauth.com writes:
Just because you come across one compromised CA out of 100 in the browser,
does not imply that the remaining 99 are compromised (which is what you are
implying with your statement).
Since browser PKI uses universal implicit cross-certification, it
Arshad Noor arshad.n...@strongauth.com writes:
Rather than shoot from the hip, the logical way to propose a solution would
be to write a paper on it and submit it to IDTrust 2012 for discussion. If
it is selected, it will have the merit of having been reviewed and deemed
worthy of discussion.
On 19/09/11 3:50 AM, Arshad Noor wrote:
On 09/17/2011 10:37 PM, Marsh Ray wrote:
It really is the fact that there are hundreds of links in the chain and
that the failure of any single weak link results in the failure of the
system as a whole.
I'm afraid we will remain in disagreement on
Ian asked:
#Right -- how to fix the race to the bottom?
Wasn't that supposed to be part of the Extended Validation solution?
If it has failed at that, and I could see arguments either way, the
other natural solution is probably government regulation. It likely
wouldn't be pretty, but imagine:
On 09/18/2011 12:50 PM, Arshad Noor wrote:
On 09/17/2011 10:37 PM, Marsh Ray wrote:
It really is the fact that there are hundreds of links in the chain and
that the failure of any single weak link results in the failure of the
system as a whole.
I'm afraid we will remain in disagreement on
On 2011-09-19 3:50 AM, Arshad Noor wrote:
I'm afraid we will remain in disagreement on this. I do not view the
failure of a single CA as a failure of PKI, no more than I see the
crash of a single airplane as an indictment of air-travel.
And similarly, you do not see a wall with a single man
On 2011-09-19 4:21 AM, Arshad Noor wrote:
Rather than shoot from the hip, the logical way to propose a solution
would be to write a paper on it and submit it to IDTrust 2012 for
discussion.
Oh come on!
Everyone is bored with IDtrust, which is why they have to keep changing
their name.
The
On 2011-09-19 5:30 AM, Joe St Sauver wrote:
If it has failed at that, and I could see arguments either way, the
other natural solution is probably government regulation.
Many CAs are already government entities, and most are arguably quasi
government entities - and by and large, the
On 19/09/11 7:11 AM, Marsh Ray wrote:
Now that the cat's out of the bag about PKI in general and there's an
Iranian guy issuing to himself certs for www.*.gov seemingly at will,
Hmmm... did he do that?
That would seem to get the message across to the PKI proponents far
better than logic or
Hi Joe,
On 19/09/11 5:30 AM, Joe St Sauver wrote:
Ian asked:
#Right -- how to fix the race to the bottom?
Wasn't that supposed to be part of the Extended Validation solution?
In a way, it was. More particularly it was the fix to certificate
manufacturing. The obvious fix to low quality
On 09/18/2011 03:33 PM, James A. Donald wrote:
On 2011-09-19 3:50 AM, Arshad Noor wrote:
I'm afraid we will remain in disagreement on this. I do not view the
failure of a single CA as a failure of PKI, no more than I see the
crash of a single airplane as an indictment of air-travel.
And
On 09/18/2011 01:12 PM, Marsh Ray wrote:
But the failure of *any* single CA allows a successful attack on *every*
user connecting to *every* https website.
Would you care to explain this in more detail, Marsh?
Please feel free to frame your explanation as if you were
explaining this to a
Note: I've had to paraphrase some of the content from the archives,
so please excuse me if this does not appear in the context of the
original thread.
I remember enough of my Advanced Statistics from school to know that
the following line of reasoning is fallacious, and can leads to
On 09/17/2011 09:14 PM, Chris Palmer wrote:
Thus, having more signers or longer certificate chains does not reduce the
probability of failure; it gives attackers more chances to score a hit with
(our agreed-upon hypothetical) 0.01 probability. After just 100 chances, an
attacker is all but
On 09/17/2011 11:59 PM, Arshad Noor wrote:
The real problem, however, is not the number of signers or the length
of the cert-chain; its the quality of the certificate manufacturing
process.
No, you have it exactly backwards.
It really is the fact that there are hundreds of links in the chain
33 matches
Mail list logo