[cryptography] preventing protocol failings
James A. Donald
jamesd at echeque.com
Tue Jul 12 19:56:56 EDT 2011
On 2011-07-13 7:24 AM, Zooko O'Whielacronx wrote:
> On Tue, Jul 12, 2011 at 11:10 AM, Hill, Brad<bhill at paypal-inc.com> wrote:
>> I have found that when H3 meets deployment and use, the reality too often becomes: "Something's gotta give." We haven't yet found a way to hide enough of the complexity of security to make it free, and this inevitably causes conflicts with goals like adoption.
> This is an excellent objection. I think this shows that most crypto
> systems have bad usability in their key management (SSL, PGP). People
> don't use such systems if they can help it, and when they do they
> often use them wrong.
Considering how often engineers have screwed up key management, asking
end users to manage keys is guaranteed to fail.
All new systems combine key management with address management, so that
the user faces no extra clicks to keep his keys in sync with his
addresses. For example a bitcoin address looks like
1Kaa6Y7F61aQER8jZBoBtfEVscAQ1KjAGk (a petname is associated with each
and a tor hidden service looks like
http://ianxz6zefk72ulzz.onion/index.php (Tor relies on the Mozilla
bookmarking system for petnames, while bitcoin has its own address
management UI to enter petnames)
More information about the cryptography