[15815] in cryptography@c2.net mail archive
On SSL, SET, `real PKI` and real code against Phishing/Spoofing
daemon@ATHENA.MIT.EDU (Amir Herzberg)
Thu Jul 22 13:53:27 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 22 Jul 2004 11:08:08 +0200
From: Amir Herzberg <herzbea@macs.biu.ac.il>
To: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: "Steven M. Bellovin" <smb@research.att.com>, EKR <ekr@rtfm.com>,
Florian Weimer <fw@deneb.enyo.de>, cryptography@metzdowd.com
In-Reply-To: <6.1.2.0.2.20040721094240.05713020@mail.comcast.net>
This is a multi-part message in MIME format.
--------------020807050406020908010108
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
brief comments/suggestions:
1. The whole discussion on how much eavesdropping is a threat is
irrelevant. We all know it is a threat and the level is not important,
as SSL/TLS provide a good, inexpensive solution. Drop this topic.
2. Stop beating the dead horse (SET). But yes, we should learn from
mistakes... and Steve is right: SET main failure was lack of incentive
to buyers and sellers. Such an incentive was our design assumption and I
was assured by the CC `suits` they'll do it, but when they did, it was
too little and much too late. And also they added so much baggage on
this poor protocol that it became really so complex. But I am proud of
few things in SET, especially...
> It wasn't even a real PKI ...
No, exactly, it wasn't. Because what you refer to as `real PKI` (see
original note...) - identities, revocation etc. - are not needed for
this application (and many others). We need to use the tool that fits
the job.
3. Which brings us back to SSL and Ian's objection... I think Ian
_really_ objects to the fact that the major SSL/TLS deployments
(browsers, servers) depend on `browser PKI`. And I agree: I think the
`browser PKI` is a sad joke (on us), with the weakly-secure,
not-really-trusted list of over-100 CAs. We can do much better - use
SSL, but checking certificates better; display the logo of the site
and/or of the CA, and allow users to decide on sites they trust (and
their logos) manually...
We have been discussing these things on this list for ages, and some
even asked `is there a real use for crypto`. Then, with Ahmad, we
implement and document a cute little extension to Mozilla that uses SSL
and certificates, but probably not what some may call `real PKI`. And
guess what? You go back to argue on SSL vs. SET and such.
Guys: give us some feedback! Ok, it's a paper, not a note, but it is
really pretty easy reading. And if this is too much, at least look at
the screen shot:
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif
And then speak up - is it the right approach? Should we change something
before releasing (hoping in a week or two) or longer term? Can you do it
for IE or other browser?
(for the paper, see my homepage as below...)
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography &
security)
Mirror site: http://www.mfn.org/~herzbea/
--------------020807050406020908010108
Content-Type: text/x-vcard; charset=utf-8;
name="herzbea.vcf"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="herzbea.vcf"
begin:vcard
fn:Amir Herzberg
n:Herzberg;Amir
org:Bar Ilan University;Computer Science
adr:;;;Ramat Gan ;;52900;Israel
email;internet:herzbea@cs.biu.ac.il
title:Associate Professor
tel;work:+972-3-531-8863
tel;fax:+972-3-531-8863
x-mozilla-html:FALSE
url:http://AmirHerzberg.com , mirror: http://www.mfn.org/~herzbea/
version:2.1
end:vcard
--------------020807050406020908010108--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
