Re: PKIs and trust
2003-12-15 13:02:06
At 4:31 +0900 12/16/03, Masataka Ohta wrote:
Stephen Kent;
I've authored several papers that capture what I see as the essence
of your characterizations, in a simple form. The central notion is
that most of these relationships are NOT about trust, but rather
about authority. if one views them in this fashion, then it
becomes apparent that the entities that are authoritative for
identification and authorization assertions should be CAs, and we,
as individuals with many distinct identities, should expect to hold
many certs, each corresponding to one identity.
The problem for such PKI is that, if we have certs based on
existing trust (e.g. I trust some organization have an authority
to issue passports) relationships, we can exchange shared secret
using the relationships that we don't need any public keys.
In principle, yes, but in practice it is preferable to use public
keys for a variety of security reasons, not to mention the existence
of a lot of software that can make use of certs and public keys.
This is what happens in the physical world with most physical
credentials: passports, frequent traveller cards, etc.
Our trust relationships in these cases are so strong that we
can be delivered not only PINs (shared secret) but also physical
credentials.
Yes, but it is cheaper to issue credentials in the form of certs and
avoid postage and related physical credential costs. Also, PINs are
meant to be remembered by users and thus are mire vulnerable to
guessing than key pairs. So we have to put into place attack
monitoring and response schemes, e.g., locking down an account after
N bad login attempts, which creates DoS opportunities! So there are
many reasons to prefer PKI here, although there are downsides too.
Then, who need public key cryptography?
Thus, many expect thatm once a PKI is formed, it can create any
trust relationship for anything.
We know a PKI does not.
agreed.
The next question is, does a, two or millions of PKIs worth having?
I don't think they do.
I don't know how many we need. But, when I look in my travel bag I
see about 30+ paper and plastic credentials, all of which could be
turned into certs under the right circumstances, without creating new
"trusted" organizations, and with the benefit of greater security and
less bulk (bits are thin and light weight!).
Steve
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: PKIs and trust, (continued)
- Message not available
- Re: PKIs and trust, Keith Moore
- Re: PKIs and trust, Masataka Ohta
- Re: PKIs and trust, Leif Johansson
- Re: PKIs and trust, Valdis . Kletnieks
- Re: PKIs and trust, Keith Moore
- Re: PKIs and trust, Stephen Kent
- Re: PKIs and trust, Masataka Ohta
- Re: PKIs and trust,
Stephen Kent <=
- Re: PKIs and trust, Masataka Ohta
- Re: PKIs and trust, Stephen Kent
- Re: PKIs and trust, Masataka Ohta
- Message not available
- Re[2]: PKIs and trust, Anthony G. Atkielski
- Re: PKIs and trust, Franck Martin
Re: ITU takes over?, Ole J. Jacobsen
Re: ITU takes over?, Ole J. Jacobsen
www.isoc.org unreachable when ECN is used [was: Re: ITU takes over?], Simon Leinen
|
|
|