Hi,

> Let us consider a Tier 6 security regime applied to management of a CA:
>
> Separation of duties - increases the number of trusted parties
> No sequential access - increases the number of trusted parties
> No lone zone - increases the number of trusted parties.
>
> Those are all NSA/GCHQ doctrines. I am pretty sure that they
> understand security engineering at some level.

But can they be applied to, say, current X.509 PKI? I doubt that.

> People need to stop talking about links in chains. If you have a
> serious security architecture it does not look like a chain, it does
> not have a single point failure mode.

This seems too high-level and abstract to have a meaning. There seems to be a chain in every "security architecture" (for whatever that may be). Just think of work flows - these are inherent to any "architecture", and work flows are chains.

Ralph

PS: My problem with the word "architecture" is that today it's mostly used in publications when the authors just mean "something we thought up for our little problem". It's used so often it's almost meaningless.

--
Dipl.-Inform. Ralph Holz
I8: Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey