On 09/18/2011 11:57 AM, Peter Gutmann wrote:
> Arshad Noor<arshad.noor at strongauth.com>  writes:
>> Are there weaknesses in PKI?  Undoubtedly!  But, there are failures in every
>> ecosystem.  The intelligent response to "certificate manufacturing and
>> distribution" weaknesses is to improve the quality of the ecosystem - not
>> throw the baby out with the bath-water.
> The intelligent response to the failure of PKI is to look at what the real
> threats are and to act to counter them.

Agreed.  However, I don't see us talking about the two biggest threats
to PKI - or any ecosystem, for that matter:

1) Ignorance - the vendor community has dumbed down users for the last
    20 years to the point that they have suspended rational thought even
    when it's in their own self-interest.  However, this is forgivable
    because people sometimes have higher priorities, and they expect
    that experts are looking out for them;

2) The cynicism of "experts" that prevents true progress from occurring
    every time an idea, however unorthodox or difficult, is presented.
    While a healthy debate is essential to the formulation of a good
    solution, cynicism is grand-standing at its worst.

> "Fixing PKI" is about as useful as
> inventing a more cromulent type of unicorn repellant.

It is my assertion that the problems with PKI are "manufacturing and
distribution" problems that can be solved.  One can build simple and
secure PKIs just as one can build Rube Goldberg-like database
applications; yet no one goes around talking about "fixing databases"
as if they were lost causes - they just fix them.

Arshad Noor
StrongAuth, Inc.

P.S.  May I recommend this poem?  Far, far better people than I have
solved bigger problems, getting encouragement from its words:

Invictus - William Ernest Henley (http://www.bartleby.com/103/7.html)

