>> Perhaps it's time to move away from public-key entirely! We have a classic
>> paper - Needham and Schroeder, maybe? - showing that private key can do
>> anything public key can; it's just more complicated and less efficient.
>
> Not really. The Needham-Schroeder you're thinking of is the essence of
> Kerberos, and while Kerberos is a very nice thing, it's hardly a replacement
> for public key.
>
> If you use a Needham-Schroeder/Kerberos style system with symmetric key
> systems, you end up with all of the trust problems, but on steroids....

I don't think we're really in disagreement here. Much of what you say later in the message is that the way we are using symmetric-key systems (CA's and such), and the way browsers work, are fundamentally wrong, and need to be changed. And that's really the point: The system we have is all of a piece, and incremental changes, sadly, can only go so far. We need to re-think things from the ground up.

And I'll stand by my contention that we need to re-examine things we think we know, based on analyses done 30 years ago. Good theorems are forever, but design choices apply those theorems to real-world circumstances. So much has changed, both on the technical front and on non-technical fronts, that the basis for those design choices has fundamentally changed.

Getting major changes fielded in the Internet is extremely difficult - see IPv6. If it can be done at all, it will take years. But the alternative of continuing on the path we're on seems less desirable every day.

-- Jerry

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography