On 09/30/13 17:43, Adam Back wrote: > Anyway and all that because we are seemingly alergic to using client side > keys which kill the password problem dead.
Hi Adam, I wondered about that 'allergy' myself. I have some ideas about that and I'm curious to learn about other. Here are mine: 1. The long standing belief is that client systems are untrustworthy. Any malware will go after the client certificates. So without proper sandboxing, capability-security and other partitioning mechanisms, the user is toast. The most popular consumer-OS was (is?) also the most leaky. Where was The Hurd when we needed it? Why did people fall for Unix when Multics was so much better? 2. It's easier to change a password in a database than to talk the user through creating an submitting a new pub/priv key pair. 3. The crypto-programs were too diffucult to use. Requiring end users to make trust decisions about entities they never heard of. Who is Verisign and why should I trust them 4. Client certificates from the big CA-peddlers are akin digital passports, eliminating all non-repudiation. Ie, a privacy problem. 5. Only recently, computers have become powerful enough to encrypt everything, all the time. Now we can afford to burn cpu cycles on encryption without getting usability to suffer. Guido.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
