PKIgate

Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Mon, 01 March 2010 21:42 UTC


Phillip Hallam-Baker wrote:

> You can design a PKI to meet many different needs.

No, PKI can be designed for imaginary needs only with no real security.

> Identity is one purpose, but not a very useful one.

It is an example of imaginary security.

> If you want security from a
> PKI you will do better with a validation system that provides
> accountability.

Real accountability needs a real account with real *M*O*N*E*Y*
in it.

If you lose $1M by a wrong operation of a CA, the CA should be
able to compensate the amount of the loss, which is the
accountability.

*M*O*N*E*Y* is the reality.

Then, what if a wrong operation of a CA causes a $1000 loss for 1M
people?

Bankruptcy of the CA does not help the people.

A CA charging $2000 for 1M certificates may have $1000000000 in
its account and may be able to compensate $1000 loss of 1M people.
But what is the point of people paying $2000, only to receive $1000
compensation? It's better for the people not to pay anything to
the CA. What if the loss is a $1M loss for 1M people?

The only thing serious CAs can do is to make the possibility of
wrong operation absolute ZERO, which is not human and costs
an infinite amount of money, which makes the CAs not profitable.

On the other hand, less serious CAs do little, if not nothing, and
just sell imaginary security at low cost to people who really need
real security.

That's how PKI is designed and CAs work.

PKI is a system of fraud.

						Masataka Ohta