Re: [TLS] Please discuss: draft-housley-evidence-extns-00<<

Martin Rex <martin.rex@sap.com> Mon, 29 January 2007 18:58 UTC

To: home_pw@msn.com
Date: Mon, 29 Jan 2007 19:58:35 +0100
Cc: tls@ietf.org

home_pw@msn.com wrote:
> 
> We have to move on. Class C student Peter has his hands on 
> $100 RIP2-capable 802.11i/802.1X gigabit 
> router/switches/bridge/SPIfirewall, doing radius and EAP-TLS 
> over PPPoE, with hardware IPSEC & GRE tunneling support. He 
> and 14 year old Abdul Rahman XXVIth, son of the supermarket 
> owner where they are sold, are both having fun configuring 
> them to work with the TPM EAP-TLS module in their birthday 
> Vista PCs, doing everything that research students were 
> doing 10 years ago to (slowly) get higher assurance out of 
> commodity technology - created mostly by that "evil" DoD 
> hidden agenda: its COTS policy.

High assurance at that level is a non-issue for everyone except those
secret cellar dwellers.

The only purpose that it may serve is either abusive or
locking out (free and OpenSource) competition from entire markets.

One of the most serious security problems that we have on the
internet today is phishing and trojaning.  TLS Evidence is going
to make that only worse.


An adequate solution to the Ecommerce stuff would be a standardized
application-level information exchange protocol for transferring
signature request, signed content and signature verification and
trusted / highly assured visualization&signing devices somewhere
between a mobile phone and OLTP (i.e. <$50).  That is the cheapest
and most foolproof approach, and will leave the PC software platform
entirely open for development and competition for everyone.


The rest of the COTS PCs and software will continue its constant
feature creep, and remain bug-ridden and virus&worm plagued for
more than a decade.


-Martin
