[pkng] Some more wacky ideas...
stephen.farrell@cs.tcd.ie Thu, 12 November 2009 09:43 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 11A573A6B90 for <pkng@core3.amsl.com>; Thu, 12 Nov 2009 01:43:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.299
X-Spam-Level:
X-Spam-Status: No, score=-2.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_52=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aI5N58VvREm1 for <pkng@core3.amsl.com>; Thu, 12 Nov 2009 01:43:06 -0800 (PST)
Received: from cs.tcd.ie (hermes.cs.tcd.ie [IPv6:2001:770:10:200:21b:21ff:fe3a:3d50]) by core3.amsl.com (Postfix) with ESMTP id C87F93A6959 for <pkng@irtf.org>; Thu, 12 Nov 2009 01:43:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by hermes.scss.tcd.ie (Postfix) with ESMTP id 8279A3E408D for <pkng@irtf.org>; Thu, 12 Nov 2009 09:43:34 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; h= content-transfer-encoding:content-type:mime-version:user-agent :reply-to:from:subject:date:message-id:received:received :received:x-virus-scanned; s=cs; t=1258019013; bh=x1OJU2TnzofNER WFg+pK7hW3odDlMnmyGhJ5RCB9syI=; b=6XC+uBhxoH9EWQxXk0iPUiZK8/yl1t KmoHH5U9ZSa+h9zLIg6J71I3O1I47rqltzq0sSl4p4qFSvFEMa8wOvOOuHDnayAp 4FGd1Axh/HPTyttvvaNWsMTlBq/FvrMmQmUE19upTX44HpyGwId7xkchXNg5Gp8+ VVrevZ8BzprgINUFZ3VHyHn+Q8FV4/zv5LCXi6pIR3uERmLaR3eZsdvJNMBROvMh ZnVoj2JZZk8e+R7paMhFXcKuZnU9GZMktcSvOQEhoP1sj1qBIyeQuS2arYNglcf6 oKnWYTbZdeFX21uYkWeKaTBrvqx11JcghnG8lytmJEf5Jkem+7292qJw==
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from cs.tcd.ie ([127.0.0.1]) by localhost (hermes.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10027) with ESMTP id AYPaI2xmatnQ for <pkng@irtf.org>; Thu, 12 Nov 2009 09:43:33 +0000 (GMT)
Received: from webmail.scss.tcd.ie (localhost [127.0.0.1]) by smtp.scss.tcd.ie (Postfix) with ESMTP id DEBFC3E4081 for <pkng@irtf.org>; Thu, 12 Nov 2009 09:43:30 +0000 (GMT)
Received: from 133.93.113.93 (SquirrelMail authenticated user sfarrel6) by webmail.scss.tcd.ie with HTTP; Thu, 12 Nov 2009 09:43:33 -0000 (GMT)
Message-ID: <485a5a9b4e19e3f6475d6af8de2a6324.squirrel@webmail.scss.tcd.ie>
Date: Thu, 12 Nov 2009 09:43:33 -0000
From: stephen.farrell@cs.tcd.ie
To: pkng@irtf.org
User-Agent: SquirrelMail/1.4.15
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Subject: [pkng] Some more wacky ideas...
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: stephen.farrell@cs.tcd.ie
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2009 09:43:07 -0000
...none of which are even a bit thought through yet of
course:-)
1) Whatever formats we end up with carrying about keys and
other stuff, I'd like selective field confidentiality to
the max. (Up to and including encrypting the public keys
as well since they expose identity pretty well:-)
2) I want zero-or-more of everything in any structure
(keys, identifiers, locators, blahs...) and to be able
to express relationships between those ("two of these
keys are needed for banking," "any of these keys for
family"...)
3) I'd like to think about the private key holder never
seeing anything like a cert. In many cases, its only
the RP (or a service acting on its behalf ala XKMS/SCVP),
who actually needs whatever structure is involved. That
could push any enrollment burden onto the beneficiary,
which'd be nice. (And in that case, different RPs should
be able to share the burden between them, if the private
key holder is ok with that.)
4) Not all clocks are accurate so I want something that
doesn't need any real time clocks at all, (its ok to use
'em sometimes though).
5) There're probably a bunch of crypto papers about RSA
like keys with more than two factors, split-keys, etc
and they should just work as well as more traditional
keys if they're useful. Not sure how to map that to a
story, but maybe related to different keys having
wildly different crypto APIs associated with them. Maybe
I'll even send you the runtime for that with the key.
6) I want something that works with load-balanced
services - it should be cheap to use whatever we want
to do without having to do it all over again each
time I talk to a different VM or whatever.
7) DTN scenarios, where you can't wait on a round-trip
and sensor-networks where you can't send big packets
should be considered, but are probably corner-cases.
(We might learn from them though.)
8) (Ignoring Paul's instructions:-) I'd like to be able
to hack whatever we do so that the results look like an
X.509 cert so not all PKIX-consuming protocols would have
to know we're messing about under the hood. (Or, put
more soberly, I'd like us to consider migration:-)
9) I'd like some "soft" failure modes, so people (users
or developers) don't have to get stupid PKNG errors to
replace stupid certificate errors. ("Please Mr. RP: If
nothing else works, would you let me do *something*
based on this key?") Put another way: all keys are
valid, some are just better-suited than others for
a particular purpose. (Could revocation even go away?)
10) I want to be able to develop an application so
that when I protect application layer PDUs, then
different receivers get to see different parts, maybe
according to some complex set of rules. (We have a
project on securing electronic health care records
starting in March and this is a requirement for that,
that can probably only be met very clumsily with
current PKI.)
That's enough for now...
S.
- [pkng] Some more wacky ideas... stephen.farrell
- Re: [pkng] Some more wacky ideas... Usability ? Massimiliano Pala
- Re: [pkng] Some more wacky ideas... Usability ? Peter Saint-Andre
- Re: [pkng] Some more wacky ideas... Usability ? Massimiliano Pala
- Re: [pkng] Some more wacky ideas... Usability ? Leif Johansson
- Re: [pkng] Some more wacky ideas... Usability ? Leif Johansson