ietf
[Top] [All Lists]

Re: authenticated email

2003-06-05 09:11:46
This is also true of drivers licenses, or any other identification.

The trust is transitive only to the extent you trust the CERT provider,
and to the extent that the CERT holder hasn't had they private key
compromised.  If the Cert authority can't be trusted, or can be fooled,
then all bets are off. The identity requirements for one large, well
respected Cert provider, for company certs, is a copy of the articles of
incorporation. This, just like birth certificates, can be obtained by
anyone who wants to pay the $15 fee.

Then there is the issue of sloppyiness with the key, or virus infection,
or other ways the private key can be compromised.  If the private key is
compromised, anyone with the private key can sign mail with your Cert.
Partly this is a function of computer hygiene. Not everyone on the planet
will be able to maintain this. It is quite easy to steal a password on a
shared PC.  This isn't hypothetical.  I have a customer where the
employees don't each have a personal computer.  Yet they all send email
via a webmail interface.

This type of solution isn't going to work, either. It might work for some
small groups, but it won't work for everyone, everywhere.

                --Dean

On Thu, 5 Jun 2003, Einar Stefferud wrote:

Wow!  What a mighty leap of faith!

Let me offer a different view...

Stephen's CERT proves that the sender is a person who got a CERT from
some CERT provider and has a contract with that provider, but has no
contract with Anthony, so that when Steven does something bad to
Anthony, like snd him some spam, and Anthony complains to the CERT
provider, the CERT provider is going to say "You don't have any contract
with us, so we do not owe you anything."

In fact, Anthony might not even be findable because of his holding a CERT,
because he was able to obtain the CERT with false information.

So, I have to ask why you trust those CERTS.

I don't trust em just because they come with a contract that denies all kinds
of liabilities in the reliance on or use of those CERTS.

The problem is that I do not trust the transitivity of trust as required by 
PKI.
This is because I have ever seen proof of trust transitivity.

Show me the proof of it and I will believe it, if your proof stands up!

Cheers...\Stef

At 23:08 +0200 6/4/03, Anthony Atkielski wrote:
Stephen writes:

Does my signature on this message make you trust
it more than, say, the ten ads you got this morning
for Viagra?

Yes.

Why or why not?

It proves who you are, which means that you expose yourself to a certain
extent in the event that you do anything inappropriate with your e-mail.
This implies that your intentions are honorable; and even if they are not,
the signature makes you easier to track down and take action against.  So it
makes one feel a bit warmer and fuzzier.

Content-Type: application/x-pkcs7-signature;
    name="smime.p7s"
Content-Disposition: attachment;
    filename="smime.p7s"

Attachment converted: Viking5:smime.p7s (????/----) (00097E08)







<Prev in Thread] Current Thread [Next in Thread>