[145496] in cryptography@c2.net mail archive
Re: A mighty fortress is our PKI, Part II
daemon@ATHENA.MIT.EDU (James A. Donald)
Thu Jul 29 09:38:27 2010
Date: Thu, 29 Jul 2010 19:19:16 +1000
From: "James A. Donald" <jamesd@echeque.com>
Reply-To: jamesd@echeque.com
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
CC: ben@links.org, perry@piermont.com, cryptography@metzdowd.com
In-Reply-To: <E1Oe7Sd-0007sA-9Z@wintermute02.cs.auckland.ac.nz>
On 2010-07-29 12:18 AM, Peter Gutmann wrote:
> This does away with the need for a CA,
> because the link itself authenticates the cert that's used.
>
> Then there are other variations, cryptographically generated addresses, ...
> all sorts of things have been proposed.
>
> The killer, again, is the refusal of any browser vendor to adopt any of it.
Bittorrent links have this property. A typical bittorent link looks
like
magnet:?xt=urn:btih:2ac7956f6d81bf4bf48b642058d31912479d8d8e&dn=South+Park+S14E06+201+HDTV+XviD-FQM+%5Beztv%5D&tr=http%3A%2F%2Fdenis.stalker.h3q.com%3A6969%2Fannounce
It is the equivalent of an immutable file in Tahoe.
> In the case of FF someone actually wrote the code for them, and it was
> rejected. Without support from browser vendors, it doesn't matter what cool
> ideas people come up with, it's never going to get any better.
The browser vendors are married to the CAs
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
