Hi,
On Aug 21, 2008, at 3:16 PM, Eric Rescorla wrote:
On Thu, Aug 21, 2008 at 5:28 AM, Simon Josefsson <[EMAIL PROTECTED]> wrote:
Jonathan Schleifer <[EMAIL PROTECTED]> writes:
GPG should only be an option and not the default, never more, as GPG
is not user friendly to the average user.
I don't think non-technical users need to ever see anything except
similar user interfaces as shown earlier in this thread.
It wouldn't really work with a dialog like that. We already have
problems getting people to verify the SAS, how do you expect them to
verify a fingerprint? ;)
You can transform an OpenPGP key fingerprint into a SAS-like string,
if that makes you feel better, and ask users to verify that. Hash the
OpenPGP fingerprint, truncate it and encode it using the same length
and characters as used by SAS today.
This actually isn't as secure as an SAS if done exactly this way,
because the attacker can generate a key that matches the truncated
hash via exhaustive search.
What is secure is if the relying party chooses random bits out of the
fingerprint to ask the user to check, thus forcing the full
fingerprint to be secure. I'm not yet sure how to do a good UI for this.
You could use OpenPGP certificates in a TLS negotiation (using RFC
5081) with the SAS extension for TLS (described here:
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-mcgrew-tls-sas.txt)
which does not have the problem you describe.
As for UI for the SAS exchange, I'm partial to the use of the
Mnemonic encoder with a GUI like this:
http://mooseyard.com/Jens/2008/04/cloudy-verification/
(page down, about three or four screens).
Best regards,
--
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: [EMAIL PROTECTED]
Use XMPP!
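
The two fingerprint checks discussed in the quoted thread, side by side, as an added example that is not part of the original message or of any project's code. The function names, the 20-bit string length and the use of SHA-256 for the truncated variant are assumptions made for illustration; the thread names none of them.

```python
import hashlib
import math
import secrets

FP_BITS = 160   # OpenPGP v4 fingerprints are 160 bits (SHA-1 sized)
SAS_BITS = 20   # assumed short-string length; the thread does not state one


def truncated_sas(fingerprint: bytes, bits: int = SAS_BITS) -> int:
    """Fixed scheme: hash the fingerprint, keep the leading `bits` bits."""
    digest = hashlib.sha256(fingerprint).digest()
    return int.from_bytes(digest, "big") >> (len(digest) * 8 - bits)


def pick_positions(count: int = SAS_BITS, fp_bits: int = FP_BITS) -> list[int]:
    """Challenge scheme: the relying party draws fresh random bit positions."""
    return sorted(secrets.SystemRandom().sample(range(fp_bits), count))


def bits_at(fingerprint: bytes, positions: list[int]) -> str:
    """Fingerprint bits at `positions` (0 = most significant bit)."""
    value, total = int.from_bytes(fingerprint, "big"), len(fingerprint) * 8
    return "".join(str((value >> (total - 1 - p)) & 1) for p in positions)


def check(expected_fp: bytes, positions: list[int], readout: str) -> bool:
    """Compare what the user read out with the locally known fingerprint."""
    return secrets.compare_digest(bits_at(expected_fp, positions), readout)


def pass_probability(differing_bits: int, count: int = SAS_BITS,
                     fp_bits: int = FP_BITS) -> float:
    """Chance a wrong fingerprint passes one challenge: every sampled
    position must miss all the bits where it differs from the real one."""
    return math.comb(fp_bits - differing_bits, count) / math.comb(fp_bits, count)


if __name__ == "__main__":
    real = hashlib.sha1(b"constructed sample key A").digest()   # stand-in fingerprint
    other = hashlib.sha1(b"constructed sample key B").digest()  # stand-in fingerprint
    diff = bin(int.from_bytes(real, "big") ^ int.from_bytes(other, "big")).count("1")
    pos = pick_positions()
    print("genuine accepted:", check(real, pos, bits_at(real, pos)))
    print("wrong key accepted:", check(real, pos, bits_at(other, pos)))
    print("differing bits:", diff, "pass chance:", pass_probability(diff))
    # The fixed truncated value is known in advance, so a match can be searched
    # for offline in about 2**SAS_BITS tries; the positions here are not.
    print("fixed-scheme search space:", 2 ** SAS_BITS)
```

A single challenge can still miss a fingerprint that differs in only a few bits, which is why the full fingerprint has to be hard to match, as the quoted reply says.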