Re: [Strint-attendees] initial cut at a recommended reading list for STRINT workshop

Dave Crocker <dcrocker@gmail.com> Mon, 17 February 2014 00:49 UTC

> Yes sorry, I forgot the server uses a certificate from the
> www.cacert.org  CA. Unless you manually add that CA as trusted in your
> browser, you'll have to accept the certificate warning.


This highlights a core human factors (or worse) problem with typical 
models involving cert.

So, any proposal for global privacy improvement that includes a crypto 
mechanism needs to account for these sorts of well-established, 
long-standing problems, along with the rest of the challenges in doing 
key management.

Hint:  The realities of scaling to the real world of the Internet mean 
that an acceptable solution will not rely on having average users -- and 
very possibly not even IT professionals -- doing cert administration (or 
maybe even much key administration).

d/

ps. in case anyone misinterprets the above, it was not directed at -- or 
about -- Kai but at the current nature of this stuff.  Kai's forgetting 
was, in my view, not his error but rather an error in the system's design.

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net