Re: [pkng] some thoughts

Leif Johansson <leifj@mnt.se> Sat, 14 November 2009 21:56 UTC

Message-ID: <4AFF27A8.6070307@mnt.se>
Date: Sat, 14 Nov 2009 22:56:56 +0100
From: Leif Johansson <leifj@mnt.se>
To: Peter Saint-Andre <stpeter@stpeter.im>
References: <4AFB8EB0.4000406@mnt.se> <4AFCF02D.80202@stpeter.im>
In-Reply-To: <4AFCF02D.80202@stpeter.im>
Cc: pkng@irtf.org
Subject: Re: [pkng] some thoughts

Peter Saint-Andre wrote:
> On 11/12/09 1:27 PM, Leif Johansson wrote:
> 
>> 1. bottoms up vs top down
>>
>> In PKIX the key relationship is between the key and the CA. I
>> believe PKNG should turn this around and be designed based on the
>> relationship between the key and the key consumer.
>>
>> I'm consciously trying to avoid using terms like user-centric or
>> user-managed since they evoke images of specific technologies or
>> patterns and in fact I'm thinking about the RPKI and the KARP
>> when writing this.
> 
> Leif, I skimmed your email while I was sitting in the DTNRG session this
> morning, so the mention of bottom up rang a bell. PKI is impossible when
> there is no "I" to be had (distressed networks, ad-hoc meshes, etc.). As
> people carry more and smaller personal devices, they might want to
> exchange information directly in their interactions (beamed, radioed,
> etc.). They won't necessarily have access to canonical sources of trust
> located in hierarchies or roots. Further, they might not *care* about
> hierarchical trust, instead putting a higher value on bottom up or peer
> to peer trust. Perhaps trust will be based more on social networking and
> personal interconnections (think IM buddy lists, LinkedIn, Facebook,
> Twitter). Keys and certs (or whatever we end up calling them) are cheap,
> so people might generate new ones when needed (or for different
> purposes), check credentials with people or entities in their network
> only when they interact with a person, etc. We have ways to push this
> information out (hey everyone, I've got a new keything) and for
> performing on-demand checks (hey Leif, Paul says his keything has a
> print of foo, is that consistent with what you know?).
> 
> Just a few random ideas generated on the Nozomi train out of Hiroshima... :)
> 
> Peter
> 
> --
> Peter Saint-Andre
> https://stpeter.im/
> 

Yeah this is how I think about it too - to buzz a word: crowdsourcing
identity (but we'll have to be careful not to build another pgp that
doesn't have a business model).

	Cheers Leif