[144723] in cryptography@c2.net mail archive
Re: Client Certificate UI for Chrome?
daemon@ATHENA.MIT.EDU (James A. Donald)
Wed Aug 12 10:29:33 2009
Date: Tue, 11 Aug 2009 06:48:32 +1000
From: "James A. Donald" <jamesd@echeque.com>
Reply-To: jamesd@echeque.com
To: Thomas Hardjono <hardjono@MIT.EDU>
CC: Ben Laurie <benl@google.com>,
Cryptography <cryptography@metzdowd.com>
In-Reply-To: <1249870615.acc75.2613384CCEFE8EA8A94499391B96064A1B24D3E57804A@w92expo4.exchange.mit.edu>
Thomas Hardjono wrote:
> I'm not sure if the Chrome folks would be prepared to
> ship their browser without any CA certs loaded,
Excessive distrust is inconvenient, excessive trust is
vulnerable. It is better to remedy flaws by expanding
functionality rather than restricting it.
On the one hand, something like Verisign is very useful
to signify that an entity that calls itself a bank is in
fact regarded as a bank by governments and other major
banks, on the other hand, it is pretty useless for
designating membership of a group to other members of
the group, which is the major function of client side
certificates.
The number of globally important entities is necessarily
small, therefore a global namespace of globally unique
human memorable names, (such as "Bank Of America") works
well for them. The number of entities that have or
need keys is quite large, therefore Zooko's triangle
applies - globally unique human memorable names work
very badly for the vast majority of keyholders,
therefore a business whose job is enforcing global
uniqueness of human memorable names (such as Verisign)
is going to be a pain to deal with, for it is trying to
do something that really cannot be done, therefore in
practice will merely make it sufficiently difficult for
clients that scammers do not bother.
Even for banks, globally unique names are problematic.
A remarkably large number of banks are called something
National Bank, or First National Bank of something.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
