On Wed, Apr 9, 2014 at 1:17 PM, Dave Crocker <dhc(_at_)dcrocker(_dot_)net>
wrote:
On 4/9/2014 10:49 AM, Noel Chiappa wrote:
> the way forward is pretty straightforward: Take the S/MIME message
> format and graft the PGP web of trust and fingerprint trust models
onto
> it.
I agree wholly with your prefatory observation, and like your suggested
solution.
The interesting premise in the suggestion is that a web of trust key
management model is useful at Internet scale.
I don't understand why anyone believes that.
Perhaps they believe that I have the solution because they actually
read my proposal where I suggest something very different and back it
with like actual math and an attack model.
The actual code is designed in such a way that people can plug in any
trust model of their choice however.
https://datatracker.ietf.org/doc/draft-hallambaker-prismproof-trust/
http://www.youtube.com/watch?v=PBFnBpWkK8M
There are problems with both the S/MIME and the Web of Trust models
which I discuss in the video presentation.
What I am proposing is to combine features of both trust models and in
addition ground the system in time using Certificate Transparency.
What this means is that a given key can be accredited in both models
simultaneously.
The metric that I apply is the time based work factor for the
attacker. Timestamping documents against an append only notary that is
a member of a federation of such notaries can effectively raise the
work factor for the attacker to infinity after that point in time.
--
Website: http://hallambaker.com/