ietf
[Top] [All Lists]

Re: PKI is weakly secure

2007-07-08 17:01:30
"Masataka" == Masataka Ohta 
<mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp> writes:

    Masataka> Keith Moore wrote:
    >>> Also from the draft: "At least for the strong security
    >>> requirement of BCP 61 [RFC3365], the Security Area, with the
    >>> support of the IESG, has insisted that all specifications
    >>> include at least one mandatory-to-implement strong security
    >>> mechanism to guarantee universal interoperability."
    >>> 
    >>> I do not think this is a factual statement, at least when it
    >>> comes to HTTP, which is where my interest lies.
    >>  note that it is not necessary to have at least one
    >> mandatory-to-implement strong security mechanism to guarantee

    Masataka> What, do you mean, strong security?

    Masataka> Given that CAs of PKI can be compromised as easily as
    Masataka> ISPs of the Internet, PKI is merely weakly secure as
    Masataka> weakly as the plain Internet.

I'd consider DH a fine strong security mechanism in a number of cases.


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf