[cryptography] Tell Grandma to remember the Key ID and forget the phone number. [was: Re: Let's go back to the beginning on this]

Jon Callas jon at callas.org
Mon Sep 26 15:55:56 EDT 2011

On Sep 26, 2011, at 10:18 AM, John Levine wrote:

>> Now what you're suggesting could work if you did something like made
>> some directories that stored the key IDs and web sites they belonged to.
> I'm having trouble understanding how this is usefully different than
> a CA.
> Current scenario: you do something to persuade a CA to sign your cert.
> Then browsers say you're OK, which is a problem if the CA is sloppy.
> New improved scenario: you do something to persuade a directory to
> list your key ID.  Then some manual or automatic process makes your
> web site appear OK, which is a problem if the directory managers are
> sloppy.
> What am I missing here?  This all boils down to the introduction
> problem, how do you persuade one party that a second party who they
> don't know yet is OK.  It's always the weak link in any security model
> which has a perimiter with nice people inside and unknown or nasty
> people outside.

No, no, you understand it just fine. You only missed the irony. 

You can replace certification if you replace it with certification. Failing that, it's hard. Memorizing key IDs does work, but leaves as another security hole the DNS system. Of course, the true way to do it is to get the users to memorize IP addresses and key IDs.


More information about the cryptography mailing list