IETF Logo Mail Archive

Re: [saag] post-X509 cryptographic identities

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 11 February 2020 14:32 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4068E120130 for <saag@ietfa.amsl.com>; Tue, 11 Feb 2020 06:32:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.5
X-Spam-Level: **
X-Spam-Status: No, score=2.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.399, RCVD_IN_SBL_CSS=3.335, SPF_HELO_NONE=0.001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J385_-_q2VFF for <saag@ietfa.amsl.com>; Tue, 11 Feb 2020 06:32:01 -0800 (PST)
Received: from relay.sandelman.ca (minerva.sandelman.ca [IPv6:2a01:7e00::3d:b000]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A05C12012C for <saag@ietf.org>; Tue, 11 Feb 2020 06:32:01 -0800 (PST)
Received: from dooku.sandelman.ca (ip5f5bd76d.dynamic.kabel-deutschland.de [95.91.215.109]) by relay.sandelman.ca (Postfix) with ESMTPS id EA6851F459 for <saag@ietf.org>; Tue, 11 Feb 2020 14:31:59 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 293541A29C5; Tue, 11 Feb 2020 15:31:59 +0100 (CET)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: saag@ietf.org
In-reply-to: <ac360994-e747-6913-fdc3-19b7db2e00c3@netmagic.com>
References: <ac360994-e747-6913-fdc3-19b7db2e00c3@netmagic.com>
Comments: In-reply-to Tony Rutkowski <trutkowski.netmagic@gmail.com> message dated "Tue, 11 Feb 2020 07:26:50 -0500."
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Tue, 11 Feb 2020 15:31:59 +0100
Message-ID: <3854.1581431519@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/RS0QB_8n2UWc1Pj0rLHpWayVjQY>
Subject: Re: [saag] post-X509 cryptographic identities
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Feb 2020 14:32:03 -0000

Tony Rutkowski <trutkowski.netmagic@gmail.com> wrote:
    >> Now we are unifying again :-)
    >> Mozilla could, for instance, create a new higher-level CA, sign all of the
    >> existing trust anchors they ship, and effectively be back at X509.

    > And who is going to assume the antitrust liabilities?  See, e.g.,
    > https://www.vox.com/recode/2020/2/6/21125026/big-tech-congress-antitrust-investigation-amazon-apple-google-facebook

Well, that's a reason why re-creating There Shall be Only One PKI is a bad
idea.  RFC2692/RFC2693 already gave us a lot of alternative views.

Typical PKI implementations just makes it really hard for end users to
actually manage their trust anchors, because it pretends that the local trust
anchors were a pronouncement from god.

https://www.rfc-editor.org/rfc/rfc2693.html#section-2.4

2.4 Rethinking Global Names

   The assumption that the job of a certificate was to bind a name to a
   key made sense when it was first published.  In the 1970's, people
   operated in relatively small communities.  Relationships formed face
   to face.  Once you knew who someone was, you often knew enough to
   decide how to behave with that person.  As a result, people have
   reduced this requirement to the simply stated: "know who you're
   dealing with".

   Names, in turn, are what we humans use as identifiers of persons.  We
   learn this practice as infants.  In the family environment names work
   as identifiers, even today.  What we learn as infants is especially
   difficult to re-learn later in life.  Therefore, it is natural for
   people to translate the need to know who the keyholder is into a need
   to know the keyholder's name.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email