On 12/04/2008 02:49 PM, Ian G:
Telephony was provided to the masses and it's inherently insecure.
Skype provided VoIP to the masses. And it was secure.
You keep claiming it and I tell you that it's not. Of course we can
continue forever here. But it doesn't come close to the same security
requirements as they are applied on the web or mail for example.
And then it added
chat. And it was secure.
Chat was always there, but...Enter Jabber/XMPP. It's secure because
- XMPP is an open standard
- you can use open source server and client software
- uses PKI
- allows you to control your keys
- nobody owns it
- is a decentralized network
That meets the needs of the users.
Yes, THAT meets the needs of the users. Also of the enterprise's. Skype
doesn't.
The PKI world pretty much failed to respond to the authentication
failure of phishing.
The StartCom CAs control panels are not subject to phishing (e.g.
phishing resistant). It's done with PKI.
Until the PKI world stands up and says, yeah, we blew that
one, now listen, here's what you have to do ... nobody will pay much
attention.
Actually it's not PKI, but the software vendors which have to stand up.
Mozilla did! And if it weren't for all the cry-babies, phishable
self-signed certs would be a thing of the past.
PKI didn't fail, the UI failed!
E.g., update the security model.
Yes, I think this is what's happening anyway. Browser vendors recognized
the failures of the last decade and are acting! Interestingly it's
exactly your crowd which has a problem with it :-)
Ergo, low deployment. The market does not lie about this.
Hear hear?! Netcraft recognizes an ever increasing amount of secured
sites every month, soon to be one million. PKI implementations and
deployments are on the rise as never before.
You can preach
to the choir all you like in this forum, but out there in the security
departments of companies, in user-land, in crypo-land, in
social-network-land, and every other land, PKI doesn't have many friends.
Uhahhhaaa....LOL :-)
You make me laugh! Seriously. Apparently we aren't living on the same
planet...
But for what I care, let me predict that PKI hasn't reached its tipping
point of now return yet, but is very close of happening! Once it does,
it will be part of our daily computer-network life as screen-saver's are...
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
