Re: IESG meeting thoughts


On Tue, May 17, 2016 at 12:58 PM, Michael Richardson <mcr+ietf@xxxxxxxxxxxx> wrote:

Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
    > Right now I am working on technology that makes end-to-end security practical
    > and usable.

This is awesome; I'm hoping that Microsoft, Apple and Google will pay
attention and collaborate.  In the 1990s, I think that one reason we wound up
where we did was because the work was being done by academics and later by
dot-com startups.  Who has the resources to collaborate with you?

Right now the problem seems to be that everyone wants to play to be the only king of the castle like they did with instant messaging when it was the hot thing.

A personal PKI isn't going to give people personal autonomy and freedom if it binds them to only one provider with purposefully high switching costs. Nor is it going to have an effective network effect if you can only communicate with people in the same network as you.


I am busy working on reference code and specs. I should have a significant system to show in Berlin. It is all open source, MIT license and on GitHub,


 
    > Using off the shelf mail applications with the Mathematical Mesh
    > is actually easier than using them without. But there are some features I
    > have added to meet real end user needs that we would never have considered in
    > the 1990s. In particular a key backup and recovery option that is turned on
    > by default.

    > Why do real users need key recovery? Well without the ability to recover a
    > lost key, a protocol that encrypts stored data becomes worse than ransomware.
    > There isn't even the option of paying a criminal to get your data back.

That's very true.
I have been wondering, in the context of Apple's improvement to device
security, how the untimely death of a person will be dealt with.

These are serious problems that have to be planned for. Right now I have code to do Shamir keysharing to escrow the long term escrow keys. But if people want to use this as a lifelong personal security infrastructure, they need to be able to identify some papers as being so personal that they die with them and others that become public on their death. For example where I buried Aunt Agatha's jewelry is something I want to make public. Where I buried Aunt Agatha is not.

 
    > Another critical security technology that we managed to allow ourselves to be
    > persuaded was 'evil' is trustworthy computing. As a result the WebPKI

It wasn't trustworthy, because they refused peer review.
We couldn't even get Intel to reveal pre-whitened random numbers!
(correct me if they ever fixed that...)

Well, see my recent work on multi-party key generation. When we make the move to DH based crypto puzzles with Elliptic Curve and beyond, I have schemes that allow you to make use of the security hardening properties of onboard crypto without revealing all of the private key to that system.



