Re: [saag] post-X509 cryptographic identities
Michael Richardson <mcr+ietf@sandelman.ca> Fri, 14 February 2020 13:59 UTC
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Nico Williams <nico@cryptonector.com>
cc: saag@ietf.org
In-reply-to: <20200213174617.GQ18021@localhost>
References: <ac360994-e747-6913-fdc3-19b7db2e00c3@netmagic.com> <3854.1581431519@dooku> <20200213174617.GQ18021@localhost>
Comments: In-reply-to Nico Williams <nico@cryptonector.com> message dated "Thu, 13 Feb 2020 11:46:18 -0600."
Date: Fri, 14 Feb 2020 14:59:41 +0100
Message-ID: <18044.1581688781@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/kCXlro8HclKuZ3te80rpHtf_LIQ>
Nico Williams <nico@cryptonector.com> wrote:
> It seems like a miracle that we have DNS at all.

> And when you talk about x.509 naming, it really does seem to mean that
> you're referring to dNSName SANs, so, DNS.

> It seems unlikely to me that we could replace a global system we have
> (DNS) with a non-global system.  That's a lot of value to leave behind!

SPKI permitted things like:
    DNS's www.cryptonector.com
or:
    Nico's second-floor bathroom

and in particular it would permit:
or:
    Russia's nameservice cryptonector.com       (national DNS root)
or:
    employer.example.com's www.amazon.com       (forced corporate proxy)

>> Typical PKI implementations just make it really hard for end users to
>> actually manage their trust anchors, because they pretend that the
>> local trust anchors were a pronouncement from god.

> Yes.  But that's not a fault of PKIX, or DNS, or anything other than
> the

I agree, it's not inherently the result of PKIX, but then we got
meaningless junk like CPS which makes it really hard for people (even
lawyers) to have their own.

> So I take the opposite view: a single global namespace IS fine.  It may
> well be the single biggest key to the Internet's success.  WebPKI is
> busted.  ISTM incorrect to conclude that because WebPKI is busted, and
> that because the "I" in it wanted it to be a single global namespace,
> that then it must be that a global namespace is bad.

In the SPKI days I wanted no DNSSEC root.  I wanted 158 national roots
with k-of-n cross-signatures.  Countries would recognize (in the
political/legal, UN sense) each other by signing each other's ccTLD trust
anchors.  Everyone in Canada would be obligated by law to use the "CA"
trust anchors, and to get to "amazon.DE", I'd have to go
"CA-cross->DE->amazon".

Which definitely lets my government spoof me, which they already say they
have the right to do under certain circumstances, but it doesn't let them
spoof you.

Would we have to kill ".com", etc. and all the ICANN zoo?  Maybe.
It's not a big loss to me, but others would object.  And we don't need to
do it overnight.

It also means that my government is assuming liability if I get spoofed,
which also seems reasonable.

>> learn this practice as infants.  In the family environment names work
>> as identifiers, even today.  What we learn as infants is especially
>> difficult to re-learn later in life.  Therefore, it is natural for
>> people to translate the need to know who the keyholder is into a need
>> to know the keyholder's name.

> Locality in naming usage does not imply that a global namespace is bad.

So, we see this in things like maps where national authorities inform
google/bing/etc. what the official name of a conquered place is, in
contradiction to what name the locals (and possibly the world) use.

I don't know which name is global and which name is local, but I can do
all of that with relative (SPKI) names.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
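The linked local-name resolution described in the message above (SPKI/SDSI names such as "Nico's second-floor bathroom" or "CA's DE's amazon"), as an added illustration that is not part of the thread or of any SPKI implementation. Keys are constructed stand-in identifiers, the name certificates binding them are assumed to have been signature-checked already, and k-of-n cross-signing is not modelled; the last function shows why an anchor's ability to substitute a binding reaches only those who resolve from that anchor.

```python
from __future__ import annotations
from copy import deepcopy

# Constructed stand-in key identifiers; SPKI names are rooted in a key,
# never in a global string.  issuer key -> local name -> set of subject
# keys (a SDSI name may legitimately bind to more than one key).
NAMESPACES: dict[str, dict[str, set[str]]] = {
    "K_CA":       {"DE": {"K_DE"}, "amazon": {"K_amazon_ca"}},
    "K_DE":       {"amazon": {"K_amazon_de"}},
    "K_nico":     {"DNS": {"K_dns"}, "second-floor bathroom": {"K_bathroom"}},
    "K_dns":      {"www.cryptonector.com": {"K_nico_web"},
                   "www.amazon.com": {"K_amazon_com"}},
    "K_employer": {"www.amazon.com": {"K_corp_proxy"}},
}


def resolve(root: str, labels: list[str],
            ns: dict[str, dict[str, set[str]]] = NAMESPACES) -> set[str]:
    """Resolve the relative name "root's l1's l2 ..." to the set of keys
    it denotes.  Each hop looks the next label up in the namespace of
    every key the previous hop produced; an unbound label yields the
    empty set, which a verifier must treat as 'no such principal'."""
    current = {root}
    for label in labels:
        current = {k for key in current for k in ns.get(key, {}).get(label, ())}
        if not current:
            break
    return current


def substituted_anchor_view() -> tuple[set[str], set[str]]:
    """Locality of anchor power: if K_CA rebinds "DE" to a key it
    controls, anyone resolving from K_CA now gets the substitute key for
    CA's DE's amazon, while a user anchored directly at K_DE sees no
    change.  Works on a copy so the shared table is untouched."""
    ns = deepcopy(NAMESPACES)
    ns["K_CA"]["DE"] = {"K_CA_substitute"}
    ns["K_CA_substitute"] = {"amazon": {"K_amazon_substitute"}}
    return resolve("K_CA", ["DE", "amazon"], ns), resolve("K_DE", ["amazon"], ns)


if __name__ == "__main__":
    print(resolve("K_nico", ["DNS", "www.cryptonector.com"]))  # {'K_nico_web'}
    print(resolve("K_nico", ["DNS", "www.amazon.com"]))        # {'K_amazon_com'}
    print(resolve("K_employer", ["www.amazon.com"]))           # {'K_corp_proxy'}
    print(resolve("K_CA", ["DE", "amazon"]))                   # {'K_amazon_de'}
    print(substituted_anchor_view())
```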