[145443] in cryptography@c2.net mail archive
Re: A mighty fortress is our PKI, Part II
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Wed Jul 28 10:11:59 2010
Date: Wed, 28 Jul 2010 10:05:22 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Ben Laurie <ben@links.org>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com
In-Reply-To: <4C5032ED.20506@links.org>
On Wed, 28 Jul 2010 14:38:53 +0100 Ben Laurie <ben@links.org> wrote:
> On 28/07/2010 14:05, Perry E. Metzger wrote:
> > It is not always the case that a dead technology has failed
> > because of infeasibility or inapplicability. I'd say that a
> > number of fine technologies have failed for other reasons.
> > However, at some point, it becomes incumbent upon the proponents
> > of a failed technology to either demonstrate that it can be made
> > to work in a clear and convincing way, or to abandon it even if,
> > on some level, they are certain that it could be made to work if
> > only someone would do it.
>
> To be clear, I am not a proponent of PKI as we know it, and
> certainly the current use of PKI to sign software has never
> delivered any actual value, and still wouldn't if revocation worked
> perfectly.
>
> However, using private keys to prove that you are (probably) dealing
> with the same entity as yesterday seems like a useful thing to do.
I agree with that fully.
> And still needs revocation.
Does it?
I will point out that many security systems, like Kerberos, DNSSEC and
SSH, appear to get along with no conventional notion of revocation at all.
> Is there a good replacement for pk for this purpose?
I think public key cryptography is a wonderful thing. I'm just not
sure I believe at all in PKI -- that is, persistent certification via
certificates, certificate revocation, etc.
PKI was invented by Loren Kohnfelder for his bachelor's degree thesis
at MIT. It was certainly a fine undergraduate paper, but I think we
should forget about it, the way we forget about most undergraduate
papers.
Perry
--
Perry E. Metzger perry@piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
