RE: www.freeprotcols.org
Don McMorris wrote: > Bill Cunningham should be added to the list of trolls (just below Mr. > Fleming). > Bill Cunningham is NOT a troll. Mr Fleming is far more worst.
RE: Palladium (TCP/MS)
> Microsoft doesn't have much control over the Internet. Well, Microsoft has some reponsiblity since they produce some the server software and client software.
RE: authenticated email
> the CA guarantees that the identification information contained in the certificate Each CA has its own CPS. How do you the CA conduct its CPS accordingly?
Re: authenication email
My question is how can you trust the CA? According to http://mcg.org.br/cert.htm, you can trust the CA: A characteristic of X.509 is that it predicates that almost all issues that involve semantics or trust are delegated to a CA's CPS -- Certification Practice Statement -- which is declared out of scope in relationship to X.509. The CA's CPS is the governing law that the CA presents to potential clients and represents a top-down framework. While some consider the CPS mechanism to be a good way to introduce flexibility in X.509 because each CA can have their own rules for different needs, such mechanism can be considered as X.509's "black-hole" and cannot be harmonized for different CAs. Thus, while this "black-hole" mechanism affords a "solution" to the undefined semantic and trust features in X.509 (as they are declared out of scope and delegated to the CPS), such "laissez faire" attitude leaves ample room for strong differences between CAs and for a biased "take-it-or-leave it" attitude regarding what a CA subscriber can expect. Further, it does not scale to a planetary Internet because even though it could work in a parochial Internet where everyone knows what to expect and share a common law and trust system, it is doubtful that it could be always successfully applied between competing businesses or different states in a country -- much less between different countries.
RE: Certificate / CPS issues
Verisign's declaimer which is part of the CPS. This would the CA simply endorses the subscriber's information. How can you trust a CA with a disclaimer like this? "VERISIGN DISCLAIMS ANY WARRANTIES WITH RESPECT TO THE SERVICES PROVIDED BY VERISIGN HEREUNDER INCLUDING WITHOUT LIMITATION ANY AND ALL IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. VERISIGN MAKES NO REPRESENTATION OR WARRANTY THAT ANY CA OR USER TO WHICH IT HAS ISSUED A DIGITAL ID IN THE VERISIGN SECURE SERVER HIERARCHY IS IN FACT THE PERSON OR ORGANIZATION IT CLAIMS TO BE WITH RESPECT TO THE INFORMATION SUPPLIED TO VERISIGN. VERISIGN MAKES NO ASSURANCES OF THE ACCURACY, AUTHENTICITY, INTEGRITY, OR RELIABILITY OF INFORMATION CONTAINED IN DIGITAL IDS OR IN CRLs COMPILED, PUBLISHED OR DISSEMINATED BY VERISIGN, OR OF THE RESULTS OF CRYPTOGRAPHIC METHODS IMPLEMENTED."
RE: authenticated email
If SMTP server uses certification authentication to trace all messages easily. And each mail adds the SMTP's server's public key and then is signed by the SMTP on the message, so when you receive it you know if the signature does not verify it has been tampered.
RE: authenticated email
If message contains the public key of SMTP (which could be made-up), the internet header and message is signed. If public key stated does not encrypt the message digest. This would mean it has been tampered/modified. If the public key stated is correct, when it verifies the message digest. The message digest will include the message and the internet headers. If this is successful, you certain trust the internet headers which can used to trace.
RE: Certificate / CPS issues
>Furthermore, Verisign already compromised its trust model in the worst way >some time ago when it let a complete stranger obtain a Microsoft signing >certificate. The trust model comprised due to failure on the CA's part. The CA had failed to successfully identify who the person before issuing the certificate. This is one accident, but many more could occur in the future, resulting potentially fake certificate which could being used, to sign e-mail. Therefore the signature would not identify who the person is really.
RE: authenticated email
>This is a truckload of additional overhead, though. Not only that, but >even >a slight modification of the signed text will invalidate all the >signatures. >Then what? I would personally delete the e-mail, since it can not be verified.
Re: authenticated email
As for SMTP Server forwarding to other SMTP servers, the message will not signed until it reaches the receipt's domain SMTP server. Each of the SMTP would authenticate themselves using a series of cryptography challenges, to if the SMTP really holds the corresponding private key.
RE: Certificate / CPS issues
>Do you think that folk signing PGP keys are undertaking unlimited liability >should the certification turn out to be incorrect? The biggest difference between PGP and X.509, is that in PGP I can choose the level of trust. X.509 is based on doctorial model, where my browser is forced into trusting the certificate from a server.
RE: Certificate / CPS issues
> I think the real problem here is that folk are demanding something that is > impossible. They want a PKI that is entirely costless, failure free and >provides unlimited liability. If you set that as the standard for existence > of a global PKI then you are never going to see one. Folks will pay a certain amount providing the certificate validity period is not short time, for example issuing certificate that are valid for 2 years instead 1 year or provide many different validity periods for customers to choose from. The issue is of implementation of the system.
RE: Certificate / CPS issues
Pete wrote: > No, but if Mary turns out to be someone who signs PGP keys for people > I don't like. The job of the CA is NOT based on liking; it is one of authenticating the subscriber and issuing a certificate. The authentication of subscriber is defined by the CA's CPS.
RE: Certificate / CPS issues
Dave wrote: > Only a fool would accept a self-signed certificate CA certificate is self-signed. Are you suggesting CA should cross sign each others certificates?
RE: Certificate / CPS issues
The trust chain will include the root cert, which is self-signed. This means you would have to somehow trust the root cert. And that might be difficult: > Only a fool would accept a self-signed certificate
RE: Certificate / CPS issues
Al Arsenault: > SPAM passes your tests/filters until you > figure out how to remove the cert from the list of trusted ones. A filter could be set to filter out all e-mail containing a certain certificate, regardless of the trust chain.
RE: Certificate / CPS issues
>OK, so what happens when someone else uses my address, perhaps using > my passport, captured from some mail sent by me to someone? > I think the term of art is "being Joe Jobbed". > Every now and then, I get a bounced report that claims something I sent > is being returned, but it was not sent by me. This "something" is most >often spam sent to someone else. Sometimes it contains a virus. > Apparently this is a trick to get me to open it. The CA holds no warranty, making the certificate invalid in legal terms, since they can not prove the certificate is yours.
RE: Certificate / CPS issues
>Also, remember that a signature merely proves the signed data and the >public key were accessible to a computational device at the same time. >This is a LONG stretch from actually meaning you signed it intentionally. >See Schneier's "Secrets and Lies", there's a whole chapter on this point, >or just wait till somebody you know gets nailed with the next >Sobig/Nimda/Klez >or whatever, and ask if any of the mail they sent out was intentional. ;) You are telling if someone else was given a certificate in my name and signed a virus code and distributed it. I would go to jail for it because it was signed in my name. I would challenge the law altogether and fill in a complaint against the government for this.
RE: Engineering to deal with the social problem of spam
One way to deal with is to use a firewall theory. I contain a list of e-mail address of people. So if I receive a e-mail, if it is not in my e-mail address list, it is discarded. The only problem is e-mail addresses can be faked. For example, its configuration could be: Allow <[EMAIL PROTECTED]> Deny <[EMAIL PROTECTED]>
RE: Certificate / CPS issues
> a digital signature *could* be binding even if it's invalid If it is legal binding, when if the CA signs my certificate would also be a legal blinding act? Since a certificate is a document that has a digital signature. False certification would make CA in trouble regardless of their disclaimer.
RE: The spam problem is political (Re: Engineering to deal with the social problem of spam)
>Spam costs nothing. It costs you using your bandwidth.
RE: Certificate / CPS issues
> serious problems with the PGP model. PGP model offers a lower risk, since I can choose to trust the claimed person or not. I know PGP, may not scale globally.
RE: Certificate / CPS issues
The risk is reduced by starting with an empty keystore, when I have enough trust in the person then I added the person. When the trust is comprised, I remove the person. And before using my private key, I must enter a pass phrase as the private key is encrypted with this pass phrase. In X.509, it gives me a keystore with lots of certificates that I may not be able to trust. How do trust these certificates? I can not simply, they could be fake, and there is no establishment of trust, especially if the keystore component is written by Microsoft. "Make a determination in your mind whether this key actually belongs to the person whom you think it belongs to, based on available evidence."
RE: Certificate / CPS issues
>You have more control. More control does not > mean less risk. You can not gain trust by someone showing me a certificate. Trust is something that has to be controlled by the user and not trust chains in the certificate.
RE: Certificate / CPS issues
>You have more control. More control does not >mean less risk. Control is needed in risk management.
RE: Certificate / CPS issues
Christian Huitema wrote: > The PKI and the PGP model both have risks, just different risks. The PGP > model only involves the two parties; it brings the risk that the two > parties misidentify each other. The PKI model involves a third party, > supposedly trusted by both players; it brings the risk that the third > party may make mistakes, or that the two parties mistakenly assign too > much trust to a third party. Also, any large centralized service is > bound to become a target for government and other entities. Absolutely! The risk is narrower in PGP. We have already had a case were the third-party made a mistake. Some CA has sold their private key to get out of bankruptcy.
Re: Certificate / CPS issues
> Why are keystore components written by Microsoft peculiarly unworthy of > trust? There was a flaw in IE, although it has been fixed, the flaw allows the attackers to delete certificates from the keystore without any user notification. How can trust IE, it there is some very serious flaws like this one? You cannot. Also, have heard about Microsoft's Anti-Trust.
Re: Certificate / CPS issues
> Which one? According to Al Arsenault: > a number of the entities behind those trusted roots go out of business, or become somebody else, or... A quick quiz, > based on the root certs from IEv6 (yes, I know the answer to these questions, but I've been working in the PKI area > for over 15 years - how about most people): > >- who owns the private keys associated with those 3 "GTE Cyber Trust" root certificates? >- what is that company doing that will conclude by June 30? >- what about the private keys associated with those four "Equifax Secure" root certificates? >- there are at least 10 trusted root certificates marked signed by "DST". What happened to DST? >- there are six certificates marked as being from "Thawte". Who's "Thawte"? >- what about Xcert?
Re: Certificate / CPS issues
>Antitrust refers to prevention of abuse of monopolistic dominance of a >market; it has nothing to do with trust in the sense It is factor that contributes to building trust.
RE: Re: Certificate / CPS issues
>Antitrust refers to prevention of abuse of monopolistic dominance of a >market; it has nothing to do with trust in the sense It is factor that contributes to building trust.
Re: Certificate / CPS issues
> Not in the PKI sense PKI only works when there is trust. If you think "Rather a matter of apples and oranges, in my view." you are very blind to the trust element and its importance. I know you would even trust the Soviet Union.
