IETF Logo Mail Archive

Re: [pkng] Some more wacky ideas... Usability ?

Massimiliano Pala <Massimiliano.Pala@Dartmouth.edu> Thu, 12 November 2009 16:04 UTC

Return-Path: <Massimiliano.Pala@Dartmouth.edu>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F38E43A67F4 for <pkng@core3.amsl.com>; Thu, 12 Nov 2009 08:04:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.707
X-Spam-Level:
X-Spam-Status: No, score=-4.707 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_52=0.6, MISSING_HEADERS=1.292, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dX0YvXA81cPm for <pkng@core3.amsl.com>; Thu, 12 Nov 2009 08:04:47 -0800 (PST)
Received: from mail.cs.dartmouth.edu (mail.cs.dartmouth.edu [129.170.212.100]) by core3.amsl.com (Postfix) with ESMTP id BB41B3A67A5 for <pkng@irtf.org>; Thu, 12 Nov 2009 08:04:47 -0800 (PST)
Received: from [129.170.212.222] (dhcp-212-222.cs.dartmouth.edu [129.170.212.222]) (authenticated bits=0) by mail.cs.dartmouth.edu (8.14.3/8.14.3) with ESMTP id nACG5EX6025892 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for <pkng@irtf.org>; Thu, 12 Nov 2009 11:05:14 -0500
X-DomainKeys: Sendmail DomainKeys Filter v1.0.2 mail.cs.dartmouth.edu nACG5EX6025892
Message-ID: <4AFC334E.90608@Dartmouth.edu>
Date: Thu, 12 Nov 2009 11:09:50 -0500
From: Massimiliano Pala <Massimiliano.Pala@Dartmouth.edu>
Organization: Dartmouth College / OpenCA Labs
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.4pre) Gecko/20090922 Fedora/3.0-3.9.b4.fc12 Thunderbird/3.0b4
MIME-Version: 1.0
CC: pkng@irtf.org
References: <485a5a9b4e19e3f6475d6af8de2a6324.squirrel@webmail.scss.tcd.ie>
In-Reply-To: <485a5a9b4e19e3f6475d6af8de2a6324.squirrel@webmail.scss.tcd.ie>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms010309090701060407000608"
Subject: Re: [pkng] Some more wacky ideas... Usability ?
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: openca@acm.org
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2009 16:04:49 -0000

Hi all,

just adding to the list of things we could explore... (Paul,
are you keeping track of all the proposals so far ?), I think
we shall look into keeping the PKNG easy - or, at least, relaying
on some concepts that are easy for the users AND for the
developers. Ease-of-Use = less deployment, implementation
and usage errors.

I am saying this because one big problems we have with PKIs
today is the complexity of the protocols on one side and of
crypto libraries on the other. As a result, augmenting apps
with PKI is a painful process. Many developers have no idea
about what they are doing... so... we still rely on passwds
for the majority of our security needs.

Summarizing: we shall keep an eye on usability for users,
developers and pki managers.

I also really like the Stephen's (Farrel) idea of allowing
for a transition to the PKNG when and if needed.. so keep it
at a high-level of abstraction + technical details.

Also, and this is my last point, as we have seen the need for
isolated PKIs to federate (most of the time AFTER they have
been deployed), I would suggest investigating (and I am totally
volunteering for this) mechanisms to integrate existing and
future infrastructures. In more details, I was thinking about
using Peer-2-peer technologies to provide a sort of PKNG
overlay network for secure communication between PK-nodes
(more for CAs nodes rather than End Entities nodes - for
usability and ease-of-deployment considerations).


Cheers,
Max


On 11/12/2009 04:43 AM, stephen.farrell@cs.tcd.ie wrote:
>
> ...none of which are even a bit thought through yet of
> course:-)
>
> 1) Whatever formats we end up with carrying about keys and
> other stuff, I'd like selective field confidentiality to
> the max. (Up to and including encrypting the public keys
> as well since they expose identity pretty well:-)
>
> 2) I want zero-or-more of everything in any structure
> (keys, identifiers, locators, blahs...) and to be able
> to express relationships between those ("two of these
> keys are needed for banking," "any of these keys for
> family"...)
>
> 3) I'd like to think about the private key holder never
> seeing anything like a cert. In many cases, its only
> the RP (or a service acting on its behalf ala XKMS/SCVP),
> who actually needs whatever structure is involved. That
> could push any enrollment burden onto the beneficiary,
> which'd be nice. (And in that case, different RPs should
> be able to share the burden between them, if the private
> key holder is ok with that.)
>
> 4) Not all clocks are accurate so I want something that
> doesn't need any real time clocks at all, (its ok to use
> 'em sometimes though).
>
> 5) There're probably a bunch of crypto papers about RSA
> like keys with more than two factors, split-keys, etc
> and they should just work as well as more traditional
> keys if they're useful. Not sure how to map that to a
> story, but maybe related to different keys having
> wildly different crypto APIs associated with them. Maybe
> I'll even send you the runtime for that with the key.
>
> 6) I want something that works with load-balanced
> services - it should be cheap to use whatever we want
> to do without having to do it all over again each
> time I talk to a different VM or whatever.
>
> 7) DTN scenarios, where you can't wait on a round-trip
> and sensor-networks where you can't send big packets
> should be considered, but are probably corner-cases.
> (We might learn from them though.)
>
> 8) (Ignoring Paul's instructions:-) I'd like to be able
> to hack whatever we do so that the results look like an
> X.509 cert so not all PKIX-consuming protocols would have
> to know we're messing about under the hood. (Or, put
> more soberly, I'd like us to consider migration:-)
>
> 9) I'd like some "soft" failure modes, so people (users
> or developers) don't have to get stupid PKNG errors to
> replace stupid certificate errors. ("Please Mr. RP: If
> nothing else works, would you let me do *something*
> based on this key?") Put another way: all keys are
> valid, some are just better-suited than others for
> a particular purpose. (Could revocation even go away?)
>
> 10) I want to be able to develop an application so
> that when I protect application layer PDUs, then
> different receivers get to see different parts, maybe
> according to some complex set of rules. (We have a
> project on securing electronic health care records
> starting in March and this is a requirement for that,
> that can probably only be met very clumsily with
> current PKI.)

-- 

Best Regards,

	Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]                   openca@acm.org
                                                  project.manager@openca.org

Dartmouth Computer Science Dept               Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory                          Work Phone: +1 (603) 646-8734
--o------------------------------------------------------------------------
People who think they know everything are a great annoyance to those of us
who do.
							   -- Isaac Asimov

v2.23.0 | Report a Bug | By Email