
Re: [openpgp] Revocations of third-party certifications (TPK+"CRL") [was: draft-dkg-openpgp-abuse-resistant-keystore-04.txt]

2019-08-29 07:07:24
Daniel Kahn Gillmor <dkg(_at_)fifthhorseman(_dot_)net> writes:

> I'm looking for concrete guidance that we can offer to operators of keystores
> and clients of keystores today.

Maybe we can look at X.509 for an example.  During the interminable X.509
standardisation process, there was an equally interminable debate about
whether to make revocations easy (the emergency handbrake model) or hard (the
DoS-resistance model).  The DoS resistance guys won out protocol-wise, and CAs
won out business-wise because it costs money to deal with revocations so
discouraging them as much as possible cuts back on expenses.

In the 20-25 years since then, there have, to the best of my knowledge, been
zero malicious revocations.  I counted them, twice.  There have however been
vast numbers of certs not revoked that should have been, or revoked far too
late to do any good, typically for malware-signing, phishing, or just
lost/password forgotten/eaten by the cat/whatever where there's no proof of
malicious use but they should still have been declared invalid for general
hygiene reasons.

So at least for X.509 the emergency-handbrake model should have been the one
to use but, typically for X.509, they went with the wrong option.  When a bus
is about to crash, you need to stop it promptly, not argue about who is and
isn't authorised to hit the brakes.

Peter.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
