Phillip Hallam-Baker wrote:
> 
> Another mistake was the absolutist insistence on end to end security models
> despite abundant evidence that people could not make use of them. Military
> communications use end-to-end where possible but they have the luxury of
> specialist trained cipher clerks and coms operators.

I don't think this is correct.

The end-to-end security model is actually the only one that did work,
provided that it could be used in an ad-hoc fashion (PGP, SSH, WPA/WPA2)
-- i.e. without any need to involve any third party, pay fees and go
through a very bureaucratic setup process and end up with a severely
constrained, lifetime-limited result.


Things that failed badly are those that are severely usability-impaired
for ad-hoc usage (such as TLS) or completely locked against ad-hoc usage
(such as S/MIME), simply because the technology completely ignored
how security works for humans in real life: it starts ad-hoc with a
leap-of-faith on initial encounter and trust develops over time
through memorizing experience of previous encounters.

The original SSH approach is really the most natural fit, and it just
worked out-of-the box for Linux installations (I realize I haven't
been installing Linux Distros for a couple of years ...)  Did this
change in the meantime?
A devastatingly large number of Web-Servers and WebShops have been
misapplying SSL/TLS.  And it takes foolproof point-and-click exploits
such as Firesheep to make businesses move slightly towards better
security from the irresponsible state they've been holding for
years in full awareness of their own negligence.


-Martin
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
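The trust model Martin describes for SSH (accept on first encounter, remember the key, alarm when it changes) is small enough to show in code. This is an added illustration, not code from the thread or from OpenSSH; the host names, key blobs and the known_hosts-style text are constructed, and `TrustOnFirstUse` and `load_known_hosts` are hypothetical names.

```python
import base64
import hashlib


class TrustOnFirstUse:
    """Leap-of-faith on first encounter, then pin the key and refuse on change."""

    def __init__(self):
        # host -> (key_type, fingerprint); the "memory of previous encounters"
        self.known = {}

    @staticmethod
    def fingerprint(key_blob: bytes) -> str:
        # SHA-256 of the raw key bytes, rendered in the unpadded base64 style
        # OpenSSH uses for "SHA256:..." fingerprints.
        digest = hashlib.sha256(key_blob).digest()
        return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

    def check(self, host: str, key_type: str, key_blob: bytes) -> str:
        """Return 'new', 'match' or 'mismatch' for the key a host just presented."""
        fp = self.fingerprint(key_blob)
        if host not in self.known:
            # First encounter: no third party to ask, so accept and remember.
            self.known[host] = (key_type, fp)
            return "new"
        if self.known[host] == (key_type, fp):
            return "match"  # same key as last time: silent success
        # Key changed since last contact: treat as possible interception,
        # do not connect, and let a human decide whether the change is legitimate.
        return "mismatch"


def load_known_hosts(text: str) -> TrustOnFirstUse:
    """Parse constructed lines of the form '<host> <key-type> <base64-key>'."""
    store = TrustOnFirstUse()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, key_type, b64key = line.split()[:3]
        store.known[host] = (key_type, store.fingerprint(base64.b64decode(b64key)))
    return store


# Constructed sample store (not real keys): one host already remembered.
SAMPLE_KNOWN_HOSTS = (
    "# constructed example entries\n"
    "bastion.example ssh-ed25519 " + base64.b64encode(b"constructed-key-A").decode() + "\n"
)
```

OpenSSH implements the same pattern with `~/.ssh/known_hosts` and the `StrictHostKeyChecking` option; the mismatch branch is the well-known "REMOTE HOST IDENTIFICATION HAS CHANGED" refusal.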