On Fri, Jan 27, 2012 at 5:21 AM, Ralph Holz <[email protected]> wrote: > Hi, > >>>> Separation of duties - increases the number of trusted parties >>>> No sequential access - increases the number of trusted parties >>>> No lone zone - increases the number of trusted parties. >>>> >>>> Those are all NSA/GCHQ doctrines. I am pretty sure that they >>>> understand security engineering at some level. >>> >>> But can they be applied to, say, current X.509 PKI? I doubt that. >> >> Of course they were, why do you think I raised it in the first place? >> >> Separation of duties is essentially what SK and CT are providing. > > I thought you were referring to technical issues, like numbers of > trusted TTPs = CAs. I don't think your argument applies there.
Separation of duties would suggest that we have two separate trusted parties with somewhat different responsibilities and require both to concur in order to establish trust. This is essentially what the four proposals I described in the paper attempt to do, albeit CT and SK attempt to limit the exposure to the additional party cryptographically but even if that is assumed to work as intended, the notary can still perform a service attack. -- Website: http://hallambaker.com/ _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
