Re: PKI: Only Mostly Dead
I think there is even less "I" than most people suspect. I've recently taken to some manual sampling of SSL domain name server certificates ... and finding certificates that have expired ... but being accepted by several browsers that i've tested with (no complaints or fault indications). there was thread in another forum where I observed that back when originally working on this payment/ecommerce thing for this small client/server startup that had invented these things called SSL & HTTPS ... my wife and I had to go around to various certificate manufactures with regard to some due diligence activity. I think w/o exception that they all made some comment about the "PK" being technical ... and the "I" being service ... and providing "service" is an extremely hard thing to do (and they hadn't anticipated how really hard it is). some past ssl domain name certificate threads: http://www.garlic.com/~lynn/subtopic.html#sslcerts As i've observed previously there are a number of ways that the technical stuff for "PK" can be done w/o it having to equate to (capital) PKI ... some recent threads on this subject: http://www.garlic.com/~lynn/aepay10.htm#31 some certification & authentication landscape summary from recent threads http://www.garlic.com/~lynn/aepay10.htm#32 some certification & authentication landscape summary from recent threads http://www.garlic.com/~lynn/aepay10.htm#34 some certification & authentication landscape summary from recent threads http://www.garlic.com/~lynn/aepay10.htm#35 some certification & authentication landscape summary from recent threads http://www.garlic.com/~lynn/aadsm11.htm#18 IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#19 IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#20 IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#21 IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#22 IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#23 Proxy PKI. Was: IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#24 Proxy PKI. Was: IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#25 Proxy PKI. Was: IBM alternative to PKI? http://www.garlic.com/~lynn/aadsm11.htm#26 Proxy PKI http://www.garlic.com/~lynn/aadsm11.htm#27 Proxy PKI http://www.garlic.com/~lynn/aadsm11.htm#30 Proposal: A replacement for 3D Secure http://www.garlic.com/~lynn/aadsm11.htm#32 ALARMED ... Only Mostly Dead ... RIP PKI http://www.garlic.com/~lynn/aadsm11.htm#33 ALARMED ... Only Mostly Dead ... RIP PKI http://www.garlic.com/~lynn/aadsm11.htm#34 ALARMED ... Only Mostly Dead ... RIP PKI http://www.garlic.com/~lynn/aadsm11.htm#35 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda http://www.garlic.com/~lynn/aadsm11.htm#36 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda II http://www.garlic.com/~lynn/aadsm11.htm#37 ALARMED ... Only Mostly Dead ... RIP PKI http://www.garlic.com/~lynn/aadsm11.htm#38 ALARMED ... Only Mostly Dead ... RIP PKI ... part II http://www.garlic.com/~lynn/aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda http://www.garlic.com/~lynn/aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II http://www.garlic.com/~lynn/aadsm11.htm#42 ALARMED ... Only Mostly Dead ... RIP PKI ... part III [EMAIL PROTECTED] at 6/1/2002 2:18am wrote: >Peter Gutmann should be declared an international resource. Thankyou Nobody. You should have found the e-gold in your acount by now : -). >Only one little thing mars this picture. PKI IS A TREMENDOUS SUCCESS WHICH IS >USED EVERY DAY BY MILLIONS OF PEOPLE. Of course this is in reference to the >use of public key certificates to secure ecommerce web sites. Every one of >those https connections is secured by an X.509 certificate infrastructure. >That's PKI. "Opinion is divided on the subject" -- Captain Rum, Blackadder, "Potato". The use with SSL is what Anne|Lynn Wheeler refer to as "certificate manufacturing" (marvellous term). You send the CA (and lets face it, that's going to be Verisign) your name and credit card number, and get back a cert. It's just an expensive way of doing authenticated DNS lookups with a ttl of one year. Plenty of PK, precious little I. >The truth is that we are surrounded by globally unique identifiers and we use >them every day. URLs, email addresses, DNS host names, Freenet selection >keys, ICQ numbers, MojoIDs, all of these are globally unique! >"[EMAIL PROTECTED]" is a globally unique name; you can use that >address from anywhere in the world and it will get to the same mailbox. You can play with semantics here and claim the exact opposite. All of the cases you've cited are actually examples of global distinguisher + locally unique name. For example the value 1234567890 taken in isolation could be anything from my ICQ number to my shoe size in kilo-angstroms, but if you view it as the pair { , } then it makes sense (disclaimer: I have no idea whether that's either a valid ICQ number or my shoe size
Re: PKI: Only Mostly Dead
> > >It's clearly not your shoe size in kilo-angstroms, unless you have MIGHTY > > >large feet. According to 'units', that works out to 4860 inches. > > > > Obviously it's my hat size then. > > I always knew you had a fat head ;) The real point here that 100% context-free situations are very infrequent and when you run into one you should immediately suspect cyphertext, in broad meaning. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
Re: PKI: Only Mostly Dead
Derek Atkins <[EMAIL PROTECTED]> >[EMAIL PROTECTED] (Peter Gutmann) writes: >> For example the value >>1234567890 taken in isolation could be anything from my ICQ number >>to my shoe size in kilo-angstroms, but if you view it as the pair { >>, } then it makes sense >>(disclaimer: I have no idea whether that's either a valid ICQ number >>or my shoe size in kilo-angstroms). > >It's clearly not your shoe size in kilo-angstroms, unless you have MIGHTY >large feet. According to 'units', that works out to 4860 inches. Obviously it's my hat size then. Peter.
Re: PKI: Only Mostly Dead
[EMAIL PROTECTED] (Peter Gutmann) writes: > >It's clearly not your shoe size in kilo-angstroms, unless you have MIGHTY > >large feet. According to 'units', that works out to 4860 inches. > > Obviously it's my hat size then. I always knew you had a fat head ;) > Peter. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH [EMAIL PROTECTED]PGP key available
Re: PKI: Only Mostly Dead
[EMAIL PROTECTED] (Peter Gutmann) writes: > For example the value > 1234567890 taken in isolation could be anything from my ICQ number > to my shoe size in kilo-angstroms, but if you view it as the pair { > , } then it makes sense > (disclaimer: I have no idea whether that's either a valid ICQ number > or my shoe size in kilo-angstroms). It's clearly not your shoe size in kilo-angstroms, unless you have MIGHTY large feet. According to 'units', that works out to 4860 inches. -derek -- Derek Atkins Computer and Internet Security Consultant [EMAIL PROTECTED] www.ihtfp.com
Re: PKI: Only Mostly Dead
>Peter Gutmann should be declared an international resource. Thankyou Nobody. You should have found the e-gold in your acount by now :-). >Only one little thing mars this picture. PKI IS A TREMENDOUS SUCCESS WHICH IS >USED EVERY DAY BY MILLIONS OF PEOPLE. Of course this is in reference to the >use of public key certificates to secure ecommerce web sites. Every one of >those https connections is secured by an X.509 certificate infrastructure. >That's PKI. "Opinion is divided on the subject" -- Captain Rum, Blackadder, "Potato". The use with SSL is what Anne|Lynn Wheeler refer to as "certificate manufacturing" (marvellous term). You send the CA (and lets face it, that's going to be Verisign) your name and credit card number, and get back a cert. It's just an expensive way of doing authenticated DNS lookups with a ttl of one year. Plenty of PK, precious little I. >The truth is that we are surrounded by globally unique identifiers and we use >them every day. URLs, email addresses, DNS host names, Freenet selection >keys, ICQ numbers, MojoIDs, all of these are globally unique! >"[EMAIL PROTECTED]" is a globally unique name; you can use that >address from anywhere in the world and it will get to the same mailbox. You can play with semantics here and claim the exact opposite. All of the cases you've cited are actually examples of global distinguisher + locally unique name. For example the value 1234567890 taken in isolation could be anything from my ICQ number to my shoe size in kilo-angstroms, but if you view it as the pair { , } then it makes sense (disclaimer: I have no idea whether that's either a valid ICQ number or my shoe size in kilo-angstroms). (This is very much a philosophical issue. Someone on ietf-pkix a year or two back tried to claim that X.500 DNs must be a Good Thing because RFC 822 email address and DNS names and whatnot are hierarchical like DNs and therefore can't be bad. I would suspect that most people view them as just dumb text strings rather than a hierarchically structured set of attributes like a DN. The debate sort of fizzled out when no-one could agree on a particular view). I think the unified view is that what you need for a cert is a global distinguisher and a locally meaningful name, rather than some complex hierarchical thing which tries to be universally meaningful. Frequently the distinguisher is implied (eg with DNS names, email addresses, "for use within XYZ Copy only", etc), and the definition of "local" really means "local to the domain specified in the global distinguisher". I'm not sure whether I can easily fit all that into the paper without getting too philosophical - it was really meant as a guide for users of PKI technology. Peter.
Re: PKI: Only Mostly Dead
[Trying to get this posted to the moderated cryptography list...] Peter Gutmann should be declared an international resource. With one foot in the commercial world, one in the government world and one in the cypherpunk world, he has a rare perspective on the big security issues. His irreverance, iconoclasm, frankness and humor make his essays a joy to read. Having said that, his recent analysis[1] falls prey to the conventional wisdom in certain respects. This gives him a curious blindness which contrasts with his usual clear vision. He scrupulously shines his light on all the dirty corners which the powers-that-be would like to keep hidden, all the while ignoring the elephant standing in the middle of the room. First is the fundamental claim that PKI is not working. Peter goes into detail about all the problems that are keeping PKI from success: CRLs, user interface problems, cost issues, etc. It's a sad litany of failure. Only one little thing mars this picture. PKI IS A TREMENDOUS SUCCESS WHICH IS USED EVERY DAY BY MILLIONS OF PEOPLE. Of course this is in reference to the use of public key certificates to secure ecommerce web sites. Every one of those https connections is secured by an X.509 certificate infrastructure. That's PKI. One might even go so far as to say that PKI saved the internet, by allowing people to engage in commerce without fear. People have been trained to look for the lock icon which tells them that they have a secure connection and can safely enter their credit card information. Certainly it is true that the internet today would be vastly different if we did not have a deployed, successful, and heavily utilized public key infrastructure. Any discussion of PKI's supposed failure ought to at least recognize that it has been an overwhelming success in this extremely important market segment. Another, less fundamental but equally annoying, blind spot is Peter's allegience to what is conventional wisdom in certain circles, namely that global names do not exist. It's one thing for Carl Ellison to make such a claim; after all, he's worn his SPKI blinders for so long that they have practically grafted themselves onto his head. But someone like Peter ought to be capable of a little more independent thought. Peter even goes so far as to refer to "a locally unique identifier such as an email address." Anyone who would refer to an email address as being only locally unique is blinding himself most carefully. The truth is that we are surrounded by globally unique identifiers and we use them every day. URLs, email addresses, DNS host names, Freenet selection keys, ICQ numbers, MojoIDs, all of these are globally unique! "[EMAIL PROTECTED]" is a globally unique name; you can use that address from anywhere in the world and it will get to the same mailbox. The existence of globally unique identifiers may not fit into some people's ideology but it is a matter of fact all the same. And likewise with the fact that there are extremely important areas where PKI has been massively successful. Let's hope that Peter's legendary clear vision will allow him to pierce the orthodoxy that comes from his friends as easily as that which comes from outsiders. === [1] http://www.cs.auckland.ac.nz/~pgut001/pubs/notdead.zip