[13857] in cryptography@c2.net mail archive
Re: Announcing httpsy://, a YURL scheme
daemon@ATHENA.MIT.EDU (Ed Gerck)
Tue Jul 15 23:04:50 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 15 Jul 2003 14:15:50 -0700
From: Ed Gerck <egerck@nma.com>
To: Tyler Close <tyler@waterken.com>
Cc: cryptography@metzdowd.com
Tyler Close wrote:
> Please read the provided documentation.
> ...
This is what your documentation says about key revocation:
"When using YURLs, sysadmins can shorten the lifetime of a
certificate, change keys more frequently, and thus reduce
their site's vulnerability to identity theft. Keys could even be
changed at a frequency that would enable the site to forgo
certificate revocation and Certificate Revocation Lists (CRLs).
Really? What prevents the attacker from having a rogue site
with the stolen key if there is nowhere to verify whether the
key is valid or not?
>From your other URLs, I also read:
"A YURL MUST provide all the information required to
authenticate the target site. Authentication of the target
site MUST ONLY rely on information contained in the
YURL."
The YURL is the single point of control and that is a problem,
not a solution. The YURL must also be recognized as a single
point of failure -- i.e., no matter how trustworthy that single point
of control is, it may fail or be compromised and there is no recourse
available because it is the single point of control.
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
