Re: [pkng] Some more wacky ideas... Usability ?

Leif Johansson <leifj@mnt.se> Sat, 14 November 2009 22:02 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D364F3A682D for <pkng@core3.amsl.com>; Sat, 14 Nov 2009 14:02:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gsgOUW6nNP5i for <pkng@core3.amsl.com>; Sat, 14 Nov 2009 14:02:53 -0800 (PST)
Received: from backup-server.nordu.net (backup-server.nordu.net [193.10.252.66]) by core3.amsl.com (Postfix) with ESMTP id BC4AB3A685E for <pkng@irtf.org>; Sat, 14 Nov 2009 14:02:52 -0800 (PST)
Received: from [172.29.240.2] (211-000-146-193.jp.fiberbit.net [211.0.146.193]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id nAEM3Cgk021446 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 14 Nov 2009 23:03:17 +0100 (CET)
Message-ID: <4AFF2926.3040404@mnt.se>
Date: Sat, 14 Nov 2009 23:03:18 +0100
From: Leif Johansson <leifj@mnt.se>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Peter Saint-Andre <stpeter@stpeter.im>
References: <485a5a9b4e19e3f6475d6af8de2a6324.squirrel@webmail.scss.tcd.ie> <4AFC334E.90608@Dartmouth.edu> <4AFCF18C.4030009@stpeter.im>
In-Reply-To: <4AFCF18C.4030009@stpeter.im>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: openca@acm.org, pkng@irtf.org
Subject: Re: [pkng] Some more wacky ideas... Usability ?
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Nov 2009 22:02:53 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter Saint-Andre wrote:
> On 11/13/09 1:09 AM, Massimiliano Pala wrote:
> 
>> as we have seen the need for
>> isolated PKIs to federate (most of the time AFTER they have
>> been deployed), I would suggest investigating (and I am totally
>> volunteering for this) mechanisms to integrate existing and
>> future infrastructures. In more details, I was thinking about
>> using Peer-2-peer technologies to provide a sort of PKNG
>> overlay network for secure communication between PK-nodes
>> (more for CAs nodes rather than End Entities nodes - for
>> usability and ease-of-deployment considerations).
> 
> Forgive me for being an IM guy, but when it comes to personal trust

That's ok, somebody has to :-)

> online, for many people the buddy list is the center of the universe. I
> like the idea of person to person trust because it could be represented
> or instantiated in the buddy list, and that would feel natural to a lot
> of people. The idea of the buddy list could be extended to application
> servers, CAs, and other such entities (in fact we have been exploring
> that in the Jabber community for incident reporting between servers).
> 

Incidentally, buddy-lists _are_ the way a lot of SAML identity
federations are built today - using SAML metadata to represent the
list of entities in your ring(s) of trust (entities being services, not
people in this case). The challenge is scaling the buddy-list (or
white-list) to 1000s of entities and beyond. The KARP trust model
is exactly a buddy-list too.

Maybe we'll be building something that can both be exposed as an online
service - perhaps a mix of CA and OCSP - and something where the
messages of that protocol can be useful outside the context of any
protocol interaction.

	Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEUEARECAAYFAkr/KSYACgkQ8Jx8FtbMZndTXQCgom4hEVdxpClLrhdDZTYmq4aR
oxYAmPSdwzkVZppPUxM+XBlvuu6Hq4Y=
=tQzx
-----END PGP SIGNATURE-----
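Added example (not part of the thread, not code from any of its authors): what the
"buddy-list as SAML metadata" model in the message above looks like in practice. A
federation publishes an EntitiesDescriptor aggregate; a relying party turns it into a
whitelist keyed by entityID, keeps each entity's role(s) and signing certificates, and
drops anything whose validUntil has passed (an enclosing aggregate's validUntil caps
every entity inside it). The metadata document in the block is constructed for the
example; the entityIDs, certificate strings and dates are placeholders. Verifying the
XML-DSIG signature over the aggregate, which is where the actual trust in the list comes
from, is deliberately not shown; use an xmlsec-based library for that, and parse
untrusted XML with defusedxml rather than bare ElementTree.

```python
"""Turn a SAML 2.0 metadata aggregate into a whitelist ("buddy list") of
trusted entities keyed by entityID, with per-entity roles and signing certs.

Example code added to illustrate the message above; not from the original
thread. The metadata below is CONSTRUCTED: entityIDs, certificates and
dates are placeholders, not real federation data. Signature verification
of the aggregate is out of scope here (use xmlsec for that).
"""
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"md": MD, "ds": DS}

# Constructed sample aggregate: an IdP, an SP, and an SP whose own
# validUntil has already passed (it must not end up in the whitelist).
SAMPLE_METADATA = f"""<?xml version="1.0" encoding="UTF-8"?>
<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}"
    Name="urn:example:federation" validUntil="2030-01-01T00:00:00Z">
  <md:EntityDescriptor entityID="https://idp.example.org/idp">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:KeyDescriptor use="signing">
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>PLACEHOLDER-IDP-SIGNING-CERT</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </md:KeyDescriptor>
      <md:KeyDescriptor use="encryption">
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>PLACEHOLDER-IDP-ENC-CERT</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </md:KeyDescriptor>
    </md:IDPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://sp.example.com/shibboleth">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:KeyDescriptor>
        <ds:KeyInfo><ds:X509Data>
          <ds:X509Certificate>PLACEHOLDER-SP-CERT</ds:X509Certificate>
        </ds:X509Data></ds:KeyInfo>
      </md:KeyDescriptor>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://old.example.net/sp"
      validUntil="2020-01-01T00:00:00Z">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>
"""


def parse_valid_until(value):
    """SAML metadata validUntil is an xsd:dateTime in UTC, e.g. 2030-01-01T00:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _effective_valid_until(inherited, element):
    # validUntil on an enclosing EntitiesDescriptor caps everything inside it;
    # an entity's own validUntil can only shorten that window, never extend it.
    own = element.get("validUntil")
    if own is None:
        return inherited
    own_ts = parse_valid_until(own)
    return own_ts if inherited is None else min(inherited, own_ts)


def _collect(element, inherited, now, out):
    valid_until = _effective_valid_until(inherited, element)
    if element.tag == f"{{{MD}}}EntitiesDescriptor":
        for child in element:               # aggregates may nest
            _collect(child, valid_until, now, out)
        return
    if element.tag != f"{{{MD}}}EntityDescriptor":
        return                               # ds:Signature, md:Extensions, ...
    if valid_until is not None and valid_until <= now:
        return                               # expired: keep it off the list
    roles, signing_certs = [], []
    for role in element:
        if role.tag.startswith(f"{{{MD}}}") and role.tag.endswith("Descriptor"):
            roles.append(role.tag.split("}", 1)[1])
            for kd in role.findall("md:KeyDescriptor", NS):
                # A KeyDescriptor without 'use' is valid for both purposes.
                if kd.get("use", "signing") != "encryption":
                    for cert in kd.findall(".//ds:X509Certificate", NS):
                        signing_certs.append((cert.text or "").strip())
    out[element.get("entityID")] = {
        "roles": roles, "signing_certs": signing_certs, "valid_until": valid_until}


def parse_trust_list(metadata_xml, now=None):
    """Return {entityID: {...}} for every non-expired entity in the aggregate."""
    now = now or datetime.now(timezone.utc)
    out = {}
    _collect(ET.fromstring(metadata_xml), None, now, out)
    return out


def is_trusted(trust_list, entity_id, role=None):
    """Whitelist check: a dict lookup stays O(1) however long the list grows."""
    entry = trust_list.get(entity_id)
    if entry is None:
        return False
    return role is None or role in entry["roles"]


if __name__ == "__main__":
    trust = parse_trust_list(SAMPLE_METADATA, parse_valid_until("2025-01-01T00:00:00Z"))
    for eid, entry in trust.items():
        print(eid, entry["roles"], entry["signing_certs"])
    print(is_trusted(trust, "https://old.example.net/sp"))   # expired entry
```

The lookup side is the easy part of the scaling problem Leif raises; the hard part is
refreshing and re-verifying a multi-megabyte signed aggregate on every cacheDuration
tick, which is why real deployments pair this with per-entity query (MDQ-style)
distribution rather than one monolithic file.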