Before quoting end-to-end, I strongly suggest that you actually read
the Clark paper, because it probably does not say what you think it
does. The argument is actually about complexity and strategies for
addressing it.

The end-to-end security model is bunk when it comes to PKI because the
endpoints of every communication are either people or corporations
and neither can do big number modular arithmetic without some form of
computer support.

So there will always be at least three hops in your model:

Alice <-> Computer <-> Computer <-> Bob

This really matters a heck of a lot when you start to consider
real-world issues like usability.

On Mon, Feb 13, 2012 at 7:28 PM, Nico Williams <[email protected]> wrote:
> On Mon, Feb 13, 2012 at 5:08 PM, Kyle Hamilton <[email protected]> wrote:
>> I think the existing mandate that everything be authenticated and tunneled
>> end-to-end only hurts the IETF.  We need to develop systems within models
>
> If it's not end-to-end it's hop-by-hop or worse: no security.  So you
> think hop-by-hop is better than end-to-end?  Yes, there are systems
> where only hop-by-hop security works, but generally we should prefer
> end-to-end.  If you have a good argument for !end-to-end I'm all ears.
>
> Perhaps you don't like trusted third parties.  But end-to-end doesn't
> imply trusted third parties.  Internet scale security has required
> trusted third parties to date, but it's not because of the end-to-end
> architecture.  (Or perhaps I completely misunderstood you.)
>
> Nico
> --
> _______________________________________________
> therightkey mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/therightkey



-- 
Website: http://hallambaker.com/