Re: Engineering to deal with the social problem of spam
On Tuesday, Jun 10, 2003, at 22:12 US/Pacific, [EMAIL PROTECTED] wrote: [...] There's a *large* number of people still in the 386 world, who are financially unable to upgrade. That same hashcash request that will not inconvenience my hardware will probably kill their box for the better part of an hour. You are concluding that they therefor have an interest in paying to receive spam??? Yup. I am. If anything, spam is a *bigger* problem for those on older hardware, simply because they have fewer computrons available to process it - so you're basically creating a regressive tax here. And I'm not going to apologize for proposing it. Look, the phenomenon of spam is already a regressive tax, in and of itself. I'm just looking for a way to get some useful work done in exchange for receiving it. And I certainly won't mind if someone else is interested in paying me for the option to use the result of whatever useful work your CPU has to do to get your message in front of my eyeballs. Just because the Internet routes around censorship doesn't mean that we have the moral right to censor those people who need it the most - those in underdeveloped countries with repressive regimes. Who's talking about censorship? I'm not proposing that we outlaw SMTP. -- j h woodyatt <[EMAIL PROTECTED]> that's my village calling... no doubt, they want their idiot back.
Re: Engineering to deal with the social problem of spam
On Tue, 10 Jun 2003 10:08:15 PDT, james woodyatt <[EMAIL PROTECTED]> said: > And as for those too poor to keep their CPU's current, Let Them Eat > SMTP. They clearly have an unhealthy interest in paying to receive > MAKE MONEY FAST spam, so we should encourage them to continue using > SMTP anyway. The Internet interprets censorship as damage and routes > around it. Let SMTP continue to serve the useful function it serves: > carrying spam messages. Ahem. I have several million dollars of compute resources at my disposal. It will take a fairly large hashcash request to make it painful for me. There's a *large* number of people still in the 386 world, who are financially unable to upgrade. That same hashcash request that will not inconvenience my hardware will probably kill their box for the better part of an hour. You are concluding that they therefor have an interest in paying to receive spam??? If anything, spam is a *bigger* problem for those on older hardware, simply because they have fewer computrons available to process it - so you're basically creating a regressive tax here. Just because the Internet routes around censorship doesn't mean that we have the moral right to censor those people who need it the most - those in underdeveloped countries with repressive regimes. Just because the Great Firewall of China exists doesn't mean we should add injury to insult by disenfranchising those who manage to get around the firewall. There is junk fax - and the Berlin Wall was brought down by fax machines. Let's not get this wrong. pgp0.pgp Description: PGP signature
Re: Certificate / CPS issues
Anthony, I asked Christian for a reason. This appears to be relatively new. It isn't clear, from either the article or his note, how much of it is deployed already.It is linked, the article says, to Win XP and not to IE -- there are different procedures, it says, for IE under Win 2000, ME and earlier than are proposed (apparently going forward) for XP. It strongly implies that, if there are options to control this, they are (will be?) Windows options, not (specifically) IE options (although IE might well be able to access them).I don't have a copy of Win XP here, much less one with this kit installed, so I have no idea whether there is an easily-accessible option that permits turning "ask me before installing a cert" on, or what information that question provides. The article might lead a reasonable person to believe that those things had been turned off, with no options available to the casual user, in the interest of a good user experience (something I can certainly make a case for, even while preferring that they not do it to me). But, I don't know, which is why I asked. And, unless you are in a position to speak authoritatively for Microsoft,... regards, john --On Wednesday, 11 June, 2003 01:07 +0200 Anthony Atkielski <[EMAIL PROTECTED]> wrote: John writes: Now, if I read this correctly, there is no more choice ... You read incorrectly. Default behavior is not mandatory behavior. Conversely, if I'm part of an enterprise that issues its own certs for internal purposes, it doesn't look as if I can make those certs usable in the XP environment, since such internal certs don't satisfy the "broad business value to Microsoft platform customers" criterion and hence will not be accepted by Microsoft for use in the specified environment. You read incorrectly, again. You can add any certificates you want to your machines. You just can't get Microsoft to make them publicly available for distribution by MS without convincing them that doing so is worthwhile for Microsoft, which makes perfect sense. I hope this is only part of the story, and that user options to accept some certs (even if they are not accepted by Microsoft) and reject others (even if they are accepted by Microsoft) still exist in some usable form. They do. Look under Internet Options in Internet Explorer.
Re: Certificate / CPS issues
John writes: > Now, if I read this correctly, there is no > more choice ... You read incorrectly. Default behavior is not mandatory behavior. > Conversely, if I'm part of an enterprise that > issues its own certs for internal purposes, it > doesn't look as if I can make those certs usable > in the XP environment, since such internal > certs don't satisfy the "broad business value to Microsoft > platform customers" criterion and hence will not be accepted by > Microsoft for use in the specified environment. You read incorrectly, again. You can add any certificates you want to your machines. You just can't get Microsoft to make them publicly available for distribution by MS without convincing them that doing so is worthwhile for Microsoft, which makes perfect sense. > I hope this is only part of the story, and that > user options to accept some certs (even if they are > not accepted by Microsoft) and reject others (even > if they are accepted by Microsoft) still > exist in some usable form. They do. Look under Internet Options in Internet Explorer.
RE: Certificate / CPS issues
--On Tuesday, 10 June, 2003 09:12 -0700 Christian Huitema <[EMAIL PROTECTED]> wrote: The procedures used to determine the list of certification authorities in Windows XP, Internet Explorer and other Microsoft products are documented at: http://www.microsoft.com/technet/treeview/default.asp?url=/tec hnet/security/news/rootcert.asp Christian, Others may respond differently, but I found one part of this very interesting. The text says, in part: When a user visits a secure Web site (that is, by using HTTPS), reads a secure e-mail (that is, S/MIME), or downloads an ActiveX control that uses a new root certificate, the Windows XP certificate chain verification software checks the appropriate Windows Update location and downloads the necessary root certificate. To the user, the experience is seamless. The user does not see any security dialog boxes or warnings. The download happens automatically, behind the scenes. Suppose a user has sufficient expertise and desire to make individual evaluations of which CA certs to accept and from what CAs. With the earlier model, she could look through the list, adding and deleting root certs according to her preferences and using Microsoft's acceptance of a given cert as a guide (to whatever extent she saw that as appropriate). Now, if I read this correctly, there is no more choice: any cert accepted by Microsoft is automatically trusted by the desktop software and the user can't say, e.g., "I know that XYZ Corp, who met Microsoft's criteria, was just bought out by ABC Corp; I believe that ABC are scum and don't want to trust any cert issued by any subsidiary of theirs, even if it was issued pre-merger." Conversely, if I'm part of an enterprise that issues its own certs for internal purposes, it doesn't look as if I can make those certs usable in the XP environment, since such internal certs don't satisfy the "broad business value to Microsoft platform customers" criterion and hence will not be accepted by Microsoft for use in the specified environment. I hope this is only part of the story, and that user options to accept some certs (even if they are not accepted by Microsoft) and reject others (even if they are accepted by Microsoft) still exist in some usable form. regards, john
Re: Certificate / CPS issues
Haren writes: > Some CA has sold their private key to get out > of bankruptcy. Which one?
Re: Engineering to deal with the social problem of spam
everyone-- Here's a silly idea: let's try adding an option for hashcash to APEX. (Or has someone already done that?) If the problem with hashcash is that worms can steal CPU cycles to generate hashcash, then let's attack the problem of worms separately from the problem of spam suppression. If the problem with hashcash is that poor people are taxed more heavily than rich people for the utility of spam suppression, then-- well-- they should upgrade their CPU's, now shouldn't they? And as for those too poor to keep their CPU's current, Let Them Eat SMTP. They clearly have an unhealthy interest in paying to receive MAKE MONEY FAST spam, so we should encourage them to continue using SMTP anyway. The Internet interprets censorship as damage and routes around it. Let SMTP continue to serve the useful function it serves: carrying spam messages. -- j h woodyatt <[EMAIL PROTECTED]>
RE: Certificate / CPS issues
> > I can not simply, they could be fake, and there > > is no establishment of trust, especially if the > > keystore component is written by Microsoft. > > Why are keystore components written by Microsoft peculiarly unworthy of > trust? The procedures used to determine the list of certification authorities in Windows XP, Internet Explorer and other Microsoft products are documented at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/news/rootcert.asp -- Christian Huitema
Re: Certificate / CPS issues
Haren writes: > I can not simply, they could be fake, and there > is no establishment of trust, especially if the > keystore component is written by Microsoft. Why are keystore components written by Microsoft peculiarly unworthy of trust?
RE: Certificate / CPS issues
Christian Huitema wrote: > The PKI and the PGP model both have risks, just different risks. The PGP > model only involves the two parties; it brings the risk that the two > parties misidentify each other. The PKI model involves a third party, > supposedly trusted by both players; it brings the risk that the third > party may make mistakes, or that the two parties mistakenly assign too > much trust to a third party. Also, any large centralized service is > bound to become a target for government and other entities. Absolutely! The risk is narrower in PGP. We have already had a case were the third-party made a mistake. Some CA has sold their private key to get out of bankruptcy.
RE: Certificate / CPS issues
>You have more control. More control does not >mean less risk. Control is needed in risk management.
RE: Certificate / CPS issues
>You have more control. More control does not > mean less risk. You can not gain trust by someone showing me a certificate. Trust is something that has to be controlled by the user and not trust chains in the certificate.
RE: Certificate / CPS issues
The risk is reduced by starting with an empty keystore, when I have enough trust in the person then I added the person. When the trust is comprised, I remove the person. And before using my private key, I must enter a pass phrase as the private key is encrypted with this pass phrase. In X.509, it gives me a keystore with lots of certificates that I may not be able to trust. How do trust these certificates? I can not simply, they could be fake, and there is no establishment of trust, especially if the keystore component is written by Microsoft. "Make a determination in your mind whether this key actually belongs to the person whom you think it belongs to, based on available evidence."
RE: Certificate / CPS issues
OK, but in the interests of mutual group understanding, lets not call non-chains chains. So, I must ask the question "When is a chain, not a chain?" I have never seen a chain that had more than one strand of links. Tire "chains" are not a chains. They are a set of chains linked together to wrap around a three dimensional tire, which cannot be done with a single "chain"? Do you think that when chains are linked in parallel, with multiple paths in parallel, which formed some kind of maze, that somehow this makes it not susceptible to our weakest link problem. By my logic, putting a strong link in parallel with a weak link, does nothing to increase the strength of a maze of chains, in terms of making it harder to break security. there still remains a weakest path, which uses that path with the weakest link. So, I suggest we stop messing with such messy use of language and begin to agree on the meaning of our words. So "What is a chain?" Until we can decide what is a chain, all discussion about chains is just a waste of time. Cheers...\Stef At 21:35 -0700 6/9/03, Hallam-Baker, Phillip wrote: >That depends how you connect the links. > >A serial chain is only as strong as its weakest link. > > >Metaphor is no substitute for analysis, as stephen jay gould frequently >obsered humans are poor judges of probability > > -Original Message- >From: Einar Stefferud >Sent: Mon Jun 09 20:38:27 2003 >To:Hallam-Baker, Phillip >Cc:[EMAIL PROTECTED] >Subject: RE: Certificate / CPS issues > >Seems to me that if it is a chain (?) ... >Then it is only as strong as its weakest link, which ever link it might >be...\Stef > >At 20:11 -0700 6/9/03, Hallam-Baker, Phillip wrote: > >Number of steps is not a determinant of security. > > > >Strength of each step and of the agregate chain is what matters. > > > >Strength comes from discipline and process. > > > >The surest way to create insecurity is to fear everything you cannot >control > > > > > > > > -Original Message- > >From:Christian Huitema > >Sent:Mon Jun 09 17:32:51 2003 > >To: Hallam-Baker, Phillip; [EMAIL PROTECTED] > >Subject: RE: Certificate / CPS issues > > > > > I dispute the lower risk claim. You have more control. More control > >does > > > not mean less risk. > > > >The PKI and the PGP model both have risks, just different risks. The PGP > >model only involves the two parties; it brings the risk that the two > >parties misidentify each other. The PKI model involves a third party, > >supposedly trusted by both players; it brings the risk that the third > >party may make mistakes, or that the two parties mistakenly assign too > >much trust to a third party. Also, any large centralized service is > >bound to become a target for government and other entities. > > > >-- Christian Huitema
