2009/6/26 Michael Ströder <mich...@stroeder.com>:
> Nelson B Bolyard wrote:
> > But only a small minority of mail users use MUAs
> > that reside on their own computers today.  Webmail rules,
>
> That might be true in the U.S. It's not true here in Germany.
>
> > and entrusting your private key to your free webmail provider makes
> > no sense at all.
>
> Yupp.

Ergh.  I'm about to go on another rant (one with policy implications, but more
having to do with how MUAs and protecting private keys on the engineering side
of things are related to extremely outdated thinking).  Please don't take
offense.

In the Old Thinking[tm], keys were so expensive to create that they should be 
guarded like the lifeblood of one's very identity.  In the New Thinking, why 
not create a temporary proxy certificate for a key created on your webmail 
provider?  That way, it's easy to tell who did what, within what validity 
period.

As long as The Subject's Private Key doesn't get into the hands of anyone, it 
can be used to do anything (as allowed by its keyUsage, anyway).  It can be 
used to delegate powers of the Subject, in the same way that allowing a Power 
of Attorney or such can be used in the offline world.

Keys are cheap.  The processing power required to create a key is cheap.  Why 
are we so insistent on not using more than A Single Point Of Failure, which is 
solely in the hands of the end-user to not muck up, as part of any of these 
protocols we discuss?

-Kyle H
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
