On Wed, Apr 9, 2014 at 4:15 PM, Steve Crocker <steve@xxxxxxxxxxxx> wrote:
> My own opinion is related but not identical. I agree solutions 1 and 3 are failures; 1 doesn’t provide the trust and 3 doesn’t scale. Solution 2 is also problematic because the government tends to overreach and there isn’t a single government.
>
> DNSSEC provides a base platform to build upon. It doesn’t claim to provide the level of trust the CA system tried to provide. That’s a key strength, not a weakness.
>

I agree as long as you continue to use the indefinite article. DNSSEC is A platform to build on, so is PGP and so is S/MIME. There is actually a considerable built out base of S/MIME that is just as large as PGP and in fact gets a lot more use. On Monday I was in a room where over half the audience put their hand up when I asked if they had used encrypted mail that week.

The way forward as I see it is to separate out the trust model question from the steps necessary to support encryption in the client. At the very least for development purposes.

My prototype is designed to allow anyone to plug their favorite trust model in as a web service. So we can share 95% of the code that is the hardest to write and has to be supported on every platform. We only need to implement the 5% where the difference lies.

Given this week's Heartbleed news, I think we can stop hearing conclusions drawn from DigiNotar. No crypto is ever going to be perfect, get over it. If people want to hold CAs up to a 'zero tolerance' standard, that's fine. Just make sure you hold OpenSSL up to the same standard and pull them from the code base as well. And kick anyone who might have been implicated in an NSA plot out of the IETF. And stop using all their specs. And... and... and...

The problem with the CA model for email is that as a CA it is really difficult for me to actually validate individuals. The best I can do is to check their government issued ID. Which really does not help me in a country like Iran.
The CA model does give me a lot of leverage if I am looking to authenticate an institution however.

Web of trust has a scaling problem that I illustrate in the video. Basically a web of trust with 1000 members that is ten hops away from me has a work factor of essentially zero as I have no way to tell if it is genuine or fake.

But the curious thing is that if we combine the two models, the work factor for the attacker increases over the CA model alone and we get scaling. If there are 50 members of that web of trust with CA validated certificates with a work factor of X, the web of trust might have an average work factor approaching 20-30X for a given cert.

--
Website: http://hallambaker.com/