[79390] in cryptography@c2.net mail archive


Re: Failure of PKI in messaging

daemon@ATHENA.MIT.EDU (Ian G)
Tue Feb 13 09:40:40 2007

Date: Tue, 13 Feb 2007 12:37:54 +0100
From: Ian G <iang@systemics.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: Matt Blaze <mab@crypto.com>,
	"James A. Donald" <jamesd@echeque.com>,
	Cryptography <cryptography@metzdowd.com>
In-Reply-To: <20070212224403.98F7D7660B7@berkshire.machshav.com>

Steven M. Bellovin wrote:
> On Mon, 12 Feb 2007 17:03:32 -0500
> Matt Blaze <mab@crypto.com> wrote:
> 
>> I'm all for email encryption and signatures, but I don't see
>> how this would help against today's phishing attacks very much,
>> at least not without a much better trust management interface on
>> email clients (of a kind much better than currently exists
>> in web browsers).
>>
>> Otherwise the phishers could just sign their email messages with
>> valid, certified email keys (that don't belong to the bank)
>> the same way their decoy web traffic is sometimes signed with
>> valid, certified SSL keys (that don't belong to the bank).
>>
>> And even if this problem were solved, most customers still
>> wouldn't know not to trust unsigned messages purporting
>> to be from their bank.
>>
> 
> Precisely.  The real problem is the human interface, where we're asking
> people to suddenly notice the absence of something they're not used to
> seeing in the first place.


Actually, there are many problems.  If you ask the low-level 
crypto guys, they say that the HI is the problem.  If you 
ask the HI guys, they say that the PKI concept is the 
problem.  If you ask the PKI people, they say the users are 
not playing the game, and if you ask the users they say the 
deployment is broken ...  Everyone has got someone else to 
blame.

They are all right, in some sense.  The PKI concepts need 
loosening up, emails should be digsig'd for authentication 
(**), and the HI should start to look at what those digsigs 
could be used for.

But, until someone breaks the deadly embrace, nothing is 
going to happen.  That's what James is alluding to:  what 
part can we fix, and will it help the others to move?

iang

** I didn't say digital signing ... that's another problem 
that needs fixing before it is safe to use, from the "ask 
the lawyers" basket.
