IETF Logo Mail Archive

[pkng] some thoughts

Leif Johansson <leifj@mnt.se> Thu, 12 November 2009 04:27 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9FDAC3A67D2 for <pkng@core3.amsl.com>; Wed, 11 Nov 2009 20:27:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.981
X-Spam-Level:
X-Spam-Status: No, score=-3.981 tagged_above=-999 required=5 tests=[AWL=-1.382, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HSPM2XgJj2yz for <pkng@core3.amsl.com>; Wed, 11 Nov 2009 20:27:08 -0800 (PST)
Received: from backup-server.nordu.net (backup-server.nordu.net [193.10.252.66]) by core3.amsl.com (Postfix) with ESMTP id 64CEC28C1E5 for <pkng@irtf.org>; Wed, 11 Nov 2009 20:27:05 -0800 (PST)
Received: from [133.93.19.61] (host-19-61.meeting.ietf.org [133.93.19.61]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id nAC4RRYd019657 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <pkng@irtf.org>; Thu, 12 Nov 2009 05:27:32 +0100 (CET)
Message-ID: <4AFB8EB0.4000406@mnt.se>
Date: Thu, 12 Nov 2009 05:27:28 +0100
From: Leif Johansson <leifj@mnt.se>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: pkng@irtf.org
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [pkng] some thoughts
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2009 04:27:09 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


This is a loose bunch of ideas and thoughts spurred by todays
discussion. I'll probably come up with more later.

I'm using the term 'key consumer' loosely to describe something
that interacts with PKNG using PKNG keys whatever that is... Maybe
that should be trust consumers but whatever...

1. bottoms up vs top down

In PKIX the key relationship is between the key and the CA. I
believe PKNG should turn this around and be designed based on the
relationship between the key and the key consumer.

I'm consciously trying to avoid using terms like user-centric or
user-managed since they evoke images of specific technologies or
patterns and in fact I'm thinking about the RPKI and the KARP
when writing this.

2. assurance is not an enum

The strength or assurance of a relationship (as represented by
a key exchange) probably shouldn't be a discrete set of values
(trusted or not, QC or not, or LoA 1-4 or whatever).

In analogy with BGP, key consumers should be able to express
rich policy for when to use a key for a particular transaction
based on access to a parameter space that might encompass some
of Lucys 'set-of-interactions' idea.

For instance I'd like to be able to bootstrap my local trust
parameter space from both physical interactions (our RFID
thingamajigs touched) or virtual interactions (I saw an email
signed by that key)

3. BGP of trust

In analogy with networking I'd like PKNG to become the "routing
layer" for trust. Specifically I believe it should be a non-goal
of PKNG to even be able to express a single hierarchy of trust
for the Internet :-)

I believe that PKIX was built on technology designed to be
deployed as _the single_ hierarchy of trust but it is in fact
being deployed as a set of islands of trust. By contrast I
think PKNG should be designed to interconnect multiple
realms of trust.

This is partly what I was getting at when I said that PKNG
should be designed with 'bridges turned on by default' at the
meeting today.

	Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkr7jrAACgkQ8Jx8FtbMZncGZwCgoHAV024rnQsM2756ur20PWZA
vAUAnjveyOoWiajS32glvWMAkLqe5VsQ
=0Epn
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email