Re: [Strint-attendees] Do we need a breakthrough in key management first?

Phillip Hallam-Baker <hallam@gmail.com> Sun, 23 February 2014 20:04 UTC

Date: Sun, 23 Feb 2014 15:04:48 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Johan Pouwelse <peer2peer@gmail.com>
Cc: strint-attendees@lists.i1b.org
Subject: Re: [Strint-attendees] Do we need a breakthrough in key management first?

I think we need to fix key management but what it takes is a different
perspective. For the past twenty-five years everyone has been looking for
the solution to the key management problem. Well perhaps that is because
there isn't one. Perhaps there are many problems that require different
solutions.

This presentation argues the case rather more thoroughly:

https://www.youtube.com/watch?v=PBFnBpWkK8M


The point is that PGP and PKIX both work. But they solve different
problems. So people who start off their work on key management with 'first
let's kill all the lawyers' aren't helping.

Rather than looking for the perfect key management scheme we should build a
framework that separates as much common 'plumbing' that can be shared from
the trust infrastructure problems where multiple approaches are needed. We
don't need separate S/MIME and PGP/MIME message formats but we do need
direct trust, trusted third party trust and peer to peer trust models
because each solves different needs.

Some parts of key management could be taken off the table with shared
standards. Management of private keys is too much of a pain. It takes a lot
of unnecessary effort to generate keypairs and move them between machines.
None of the existing systems has a viable key recovery scheme for end users.

Further if we combine CT concepts with trusted third party trust and peer
to peer trust models we get an improvement on either alone.

But we can only see an improvement if we have a basis for measurement.
Which is why I believe that we need to use the time based work factor as
the metric for comparing trust models. We compare different algorithms by
the computational cost of breaking them. We should adopt the same rigor to
trust models. I am rather fed up of hand wavy arguments about how there are
'billions' of CAs and therefore the new model someone has just pulled out
of whatever has to be a 'better' solution. I exaggerate but only by a
little.


It is also probably a mistake to base argument for protecting pervasive
security too heavily on examples drawn from dissident movements who know
that they are under observation and face real risks if caught. Dissident
movements have no problem with using PGP but that is because they have
incentive to learn and make effort. Expecting the other 2 billion users to
adopt the same technology is rather optimistic.