Re: [therightkey] Basically, it's about keeping the CAs honest
Phillip Hallam-Baker <hallam@gmail.com> Tue, 14 February 2012 01:00 UTC
Before quoting end to end I strongly suggest that you actually read the Clark paper because it probably does not say what you think it does. The argument is actually about complexity and strategies for addressing it.

The end-to-end security model is bunk when it comes to PKI because the end points of every communication are either people or corporations and neither can do big number modular arithmetic without some form of computer support.

So there will always be at least three hops in your model:

Alice <-> Computer <-> Computer <-> Bob

This really matters a heck of a lot when you start to consider real world issues like usability.

On Mon, Feb 13, 2012 at 7:28 PM, Nico Williams <nico@cryptonector.com> wrote:
> On Mon, Feb 13, 2012 at 5:08 PM, Kyle Hamilton <aerowolf@gmail.com> wrote:
>> I think the existing mandate that everything be authenticated and tunneled
>> end-to-end only hurts the IETF. We need to develop systems within models
>
> If it's not end-to-end it's hop-by-hop or worse: no security. So you
> think hop-by-hop is better than end-to-end? Yes, there are systems
> where only hop-by-hop security works, but generally we should prefer
> end-to-end. If you have a good argument for !end-to-end I'm all ears.
>
> Perhaps you don't like trusted third parties. But end-to-end doesn't
> imply trusted third parties. Internet scale security has required
> trusted third parties to date, but it's not because of the end-to-end
> architecture. (Or perhaps I completely misunderstood you.)
>
> Nico
> --
> _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey

--
Website: http://hallambaker.com/