Re: What ASN.1 got right

On Tue, Mar 02, 2021 at 10:38:15AM -0800, Michael Thomas wrote:
> TLS is water under the bridge. We got the mess of disjoint trust anchors and
> who should be trustworthy or not, but somehow it mostly works. My beef is
> with the collateral damage of that choice. ASN.1 instantly makes figuring
> out what's going on much harder. Instead of more(1) I have to do some arcane
> openssl incantation to view the contents of a certificate. And instead of
> just directly using a public key to bind to an identity, I have to figure
> out how and what CA to issue a certificate, blah blah blah, instantly making
> a simple concept far, far harder. And don't even get me started on business
> models.

Yes, which is why I put some effort into automatic open type handling.
I can now get a pretty JSON view of a certificate, with all Extensions,
all Attributes, all RDNs, all GeneralName alternatives (well, ok, I've
not implemented X.400 naming, and I won't), all SANs, everything decoded
nicely.

> Look at the complexity difference between DKIM vs. STIR which are doing
> approximately the same thing (or at least should be). I would say that part
> of STIR's failing is that they got sucked down the X.509 rathole requiring
> special root CA's so they could assert things about e.164 addresses instead
> of doing the far more obvious thing that DKIM did which was to assign
> responsibility for messages to the domains sending them. It's not directly
> X.509's fault they solved the wrong problem, but it absolutely didn't help
> because it set up the mindset where solving the wrong problem seemed like a
> tractable problem when in fact it is not.

It's possible, yes, but this is why it's important to understand the
technology one picks.  TCG, for example, picked PKIX then they created
non-string-valued attributes (%^&@!).  Tools are just that, and you can
always misuse the right tools, or pick the wrong tools to begin with.

That's why my post ended with an imploration to know what came before
before one goes around reinventing the darned thing.

Since this sub-thread is devolving into what went wrong with X.509,
maybe we should also look at what went right, and about the only things
I can think of that went right were:

 - that it got extended to support arbitrary naming forms,
 - EKUs,
 - and that PKIX usage is evolving towards short-lived certificates to
   avoid dealing with revocation.

Also, having end entities send their certificate chain.  RPs simply
can't construct validation chains from just EE certs, and it was always
pure fantasy that they could, just as public X.500 DAP / LDAP
directories full of private information made public was always a 1980s
naive fantasy.  Ah, the naive 80s, before the Morris worm, before spam,
back when the only people on the Internet were professors, grad
students, and the military.

Nico
-- 
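Added worked example (not Nico's tool, nor code from any project named in the thread) illustrating two of the points above with Go's standard crypto/x509: the "pretty JSON view" of a parsed certificate with RDNs, SANs and EKUs already decoded, and the claim that an RP holding only the EE certificate cannot build a validation chain unless the end entity sends its intermediates. The hierarchy (a constructed "Example Root", "Example Intermediate", and a 24-hour EE for "example.test") and the JSON field subset are assumptions made for the demo; the EE's one-day validity stands in for the short-lived-certificate practice the message mentions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"fmt"
	"math/big"
	"time"
)

// CertView holds the handful of decoded fields a human or RP usually wants.
type CertView struct {
	Subject   string   `json:"subject"`
	Issuer    string   `json:"issuer"`
	DNSNames  []string `json:"dns_names,omitempty"`
	EKUs      []string `json:"ekus,omitempty"`
	IsCA      bool     `json:"is_ca"`
	NotBefore string   `json:"not_before"`
	NotAfter  string   `json:"not_after"`
}

// View renders a parsed certificate as JSON; crypto/x509 already decoded the DER.
func View(c *x509.Certificate) (string, error) {
	v := CertView{Subject: c.Subject.String(), Issuer: c.Issuer.String(),
		DNSNames: c.DNSNames, IsCA: c.IsCA,
		NotBefore: c.NotBefore.UTC().Format(time.RFC3339),
		NotAfter:  c.NotAfter.UTC().Format(time.RFC3339)}
	for _, eku := range c.ExtKeyUsage {
		if eku == x509.ExtKeyUsageServerAuth {
			v.EKUs = append(v.EKUs, "serverAuth")
		} else {
			v.EKUs = append(v.EKUs, fmt.Sprintf("eku(%d)", eku)) // not issued below
		}
	}
	b, err := json.MarshalIndent(v, "", "  ")
	return string(b), err
}

// issue signs tmpl with parentKey; a nil parent means self-signed.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// BuildChain makes a constructed hierarchy: 10-year root and intermediate, 24-hour EE (assumed names).
func BuildChain() (root, inter, ee *x509.Certificate, err error) {
	now := time.Now()
	ca := func(cn string, serial int64) *x509.Certificate {
		return &x509.Certificate{SerialNumber: big.NewInt(serial),
			Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true, IsCA: true,
			KeyUsage:  x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
			NotBefore: now.Add(-time.Minute), NotAfter: now.Add(10 * 365 * 24 * time.Hour)}
	}
	root, rootKey, err := issue(ca("Example Root", 1), nil, nil)
	if err != nil {
		return
	}
	inter, interKey, err := issue(ca("Example Intermediate", 2), root, rootKey)
	if err != nil {
		return
	}
	ee, _, err = issue(&x509.Certificate{SerialNumber: big.NewInt(3),
		Subject: pkix.Name{CommonName: "example.test"}, DNSNames: []string{"example.test"},
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		NotBefore:   now.Add(-time.Minute), NotAfter: now.Add(24 * time.Hour)}, inter, interKey)
	return
}

// Verify validates ee against root; sendChain models the EE sending its intermediate along.
func Verify(root, inter, ee *x509.Certificate, sendChain bool) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, DNSName: "example.test"}
	if sendChain {
		opts.Intermediates = x509.NewCertPool()
		opts.Intermediates.AddCert(inter)
	}
	_, err := ee.Verify(opts) // without the intermediate there is no path to build
	return err
}

func main() {
	root, inter, ee, err := BuildChain()
	if err != nil {
		panic(err)
	}
	js, _ := View(ee)
	fmt.Println(js, "\nEE alone:", Verify(root, inter, ee, false), "\nEE with chain:", Verify(root, inter, ee, true))
}
```

Running it prints the EE's JSON view, an UnknownAuthorityError for the EE-only case, and nil once the intermediate is supplied; swapping the trust anchor or the DNSName in VerifyOptions is the quickest way to see which check rejects the chain.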