Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 5/2/2022 9:24 PM, Keith Moore wrote:

On 5/2/22 09:20, John R Levine wrote:
We have several decades of S/MIME and PGP failing because nobody knows how to do key distribution at scale. 

...
User interface issues seem like some of the more significant problems because (for example) it really does make sense for the President's secretary to sign an email from the President.  How do you communicate to users who has the authority to sign something for purpose A but not purpose B?  And yet, humans have been doing similar things with signatures on paper for many centuries.   I don't think it's an unsolvable problem unless perhaps you want to cram all of that information on a watch face. 
...
So I see a lot of careful engineering that's needed, and a lot of user interface work (which is admittedly problematic for IETF), and probably some hard political work by honest people to overcome the efforts of dishonest people who will try to subvert it (whether or not they believe they're doing good).
But I don't think there are fundamentally unsolvable technical problems, so much as problems that make people uncomfortable - because there's no simple system that spans a wide enough range of compromises to suit everyone.   But that doesn't mean that there's no system that doesn't solve most people's problems.
There are many technical problems, but there also some pretty fundamental User Interaction issues. The way I think of this problem is "I want to find the electronic address of the person whom I call Alice Example". That kind of name is not unique in general, but it is unique enough for me -- cryptographers often refer to this as a "pet name". Doing that in a centralized service is hard. You have to assume that a variety of phishers are going to try insert their own set of metadata in the service database. I might have better chances asking my friends, who may well understand who I refer to as "Alice Example". And maybe we could develop some kind of friend-to-friend service overlaid over a social network. But if we are not careful, it will be easy to leave enough holes to let a whole raft of phishermen through... 

-- Christian Huitema
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux