[ On Thursday, September 23, 2004 at 12:21:40 (-0700), Seth Arnold wrote: ] > Subject: Re: New whitepaper "The Phishing Guide" > > Methinks PGP is good for talking within friends, but perhaps trusting > communications from J. Random Corporation with PGP as your best means of > verification is a stretch. The Web Of Trust idea only takes you so far > in combating these problems -- I've heard anecdotal evidence that > someone has replicated the entire "Web Of Trust" graph with identical > uids on keys of EFF members. If one starts the search from the desired > key and searches until finding a plausible name, one is doomed. One must > return to one's own key You seem to be blaming the existing state of the PGP web of trust on some fundamental failing in its design and yet you then go on to admit that people use the wrong kinds of things in real life to authenticate and identify others with, and you further admit that the public in general still has a lot to learn about using computing and networking infrastructures safely in their daily lives. PGP's web of trust can be almost infinitely more reliable, trustworthy, and controllable, than any one, or many, for-profit certification agencies. Just because one takes a set of dedicated PGP users and tries but fails to establish trust relationships with non-PGP users doesn't mean PGP's web of trust is broken -- one of the parties is "broken", not the web of trust itself or the concept of a web of trust. Obviously in order to establish trusted end-to-end communciations both parties must be dedicated to using the technology that achieves their goal and both parties must have some basis for relating to each other. The web of trust simply allows that relationship to have a somewhat less direct nature and to be many-to-many instead of one-to-one. The idea that a web of trust can work very well once it reaches critical mass can be trivially demonstrated through simple analysis of the web of "friends" formed in any of these large online networking systems such as Orkut. > -- AND have faith that everyone in the middle > played fairly. No, that's not true -- faith doesn't enter into it. In a sufficiently connected and properly maintained web of trust it should be relatively easy for conspirators to be weeded out and eliminated. Not that such a thing is easy to achieve of course. Obviously a sufficient level of interconnection in a web of trust requires a critical mass of users; and proper maintenance of the web of trust requires a sufficient level of proficiency and dedication on the part of those users. It would certainly help a lot of those users where encouraged to learn what they need to know and encouraged to pay attention to maintaining their status and involvement through the initiative of whatever large institutions many people are already involved with. Unfortunately it seems such institutions (e.g. banks, etc.) have so far gone in the direction of using for-profit (and usually for-profit public corporate) entities to manage x.509 style certificate authorities. Technically there is not a lot of difference between PGP's web of trust and a group of certificate authorities. PGP is not just for mail and SSL/TLS is not just for HTTP. There are indeed deficiencies in PGP's implementation choices. A public web of trust can be built using any public-key crypto system. I think the important thing is that we need to work on building a democratic web of trust -- and learn to rely less on certificate authorities operated by for-profit, and particularly public, corporations. The public corporation is anything but democratic, especially when it gets involved in the affairs of private individuals and government bodies. -- Greg A. Woods +1 416 218-0098 VE3TCP RoboHack <woods@xxxxxxxxxxx> Planix, Inc. <woods@xxxxxxxxxx> Secrets of the Weird <woods@xxxxxxxxx>
