ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PKI is weakly secure (was Re: Updating the rules?)

2007-07-11 00:56:45
from [Eliot Lear] [Permanent Link] 
Doug,
When short cuts are taken in PKI as with SMTP, there should be some concern.
DKIM voids vetted CAs, as the public key is obtained from DNS, this provides the URL association directly.
It's really not the same. The implications of a compromised DKIM key are bilateral *at best*, whereas a CA, particularly a well known one will have far broader impact.
But that's not what I was talking about. What I was referring to was Ohta-san's implication that PKI is fundamentally flawed. Perhaps it is, but I don't see anything better for key distribution to millions of people. If you, he, or anyone else comes up with something better, I'm all ears. 

Eliot

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PKI is weakly secure, Masataka Ohta
Next by Date:  Re: PKI is weakly secure (was Re: Updating the rules?), Masataka Ohta
Previous by Thread:  Re: PKI is weakly secure (was Re: Updating the rules?), Douglas Otis
Next by Thread:  Re: PKI is weakly secure (was Re: Updating the rules?), Masataka Ohta
Indexes:  [Date] [Thread] [Top] [All Lists]