Re: PKI is weakly secure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hallam-Baker, Phillip wrote:

> Security is a property of systems and not of technologies.

Yes, of course. Though some often claims PKI were cryptographically
secure, it does not mean PKI is strongly secure. Cookies, too, are
cryptographically secure.

> In particular security is risk management and not the elimination
> of all risk.

So, I, quite constructively, showed how to archieve strong security
by securely sharing security information directly between the first
and the second party. It eliminates intermediate intelligent entities
and gives the ultimate (fate sharing) security archived by the end
to end principle.

On the other hand, you and others merely stating possibility that
some PKI could be made fairly secure if all the operational rules
could be observed by all the operators.

> PKI provides opportunities for technical risk mitigation which are
> not available in normal circumstances.

That's a totally unfounded statement and is not constructive.

> For example the root keys associated with high security embedded

Security is a property of systems and not of parts of systems.

Backbone routers can be protected equally securely.

> Such operational controls are not likely to be acceptable to network
> administrators at your average ISP.

Nor to PKI administrators near leaf where keys must be accessed
often to generate CAs.

						Masataka Ohta



_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]