[cryptography] Client certs

ianG iang at iang.org
Wed Sep 28 03:42:24 EDT 2011


On 28/09/11 00:17 AM, M.R. wrote:
> On 25/09/11 21:52, ianG wrote:
>>
>> ... Any client cert is better than the current best saved
>> password situation, because the technical security of a
>> public key pair always exceeds a password...
>
> Client certs are not a practical solution for retail and other
> low security applications: they require that the end user uses
> either one and only one computer, or that they are burdened
> with transferring certificates between all the computers that
> are being used by one customer to access to site and transact
> the business.

Well, the choice is between weak passwords and something better.

As users are required these days to have dozens of accounts, this means 
they have dozens of passwords.  Which means ... many compromises of the 
security architect's expectations, e.g., the standard advice is "write 
your passwords down."

http://xkcd.com/936/

Basically, it works if you expect passwords to be like PINs.

On the other hand ... we are getting more and more towards a multiple 
computer environment.  Computers are getting more and more used to 
talking to each other in a user-oriented fashion.  E.g., if one buys 
Apple (the brand, the experience) one gets a fair amount of integration 
across devices.  Cloud, etc.

So, I'd think the time is coming where devices will be able to simply 
sync the client certs across.  As well as the passwords.

(Whether they choose to do so is another issue.)

> I have noticed that "crypto experts" keep pushing this "use-only-
> a-single-trusted-computer" M.O. on the end users, while site
> operators (retail especially) understand it is utterly unrealistic
> and insist on passwords since these can be used on any computer
> their customer happens to be at.

Right.  What the consumer does is king.  The consumer does almost 
nothing towards her security.  The minimum possible, including 
circumventing the system.  She won't buy a trusted computer.

The economic goal of a security system is to be free;  there is only one 
mode, and it is secure.  I like Zooko's description that the security 
system has to search out the free energy available in the life of the 
user;  this is a good way of conceptualising how we want to build what 
appears to be a perpetual energy machine.

The point here being that you'll never get it with remembered 
passwords.  It's already compromised and it's already non-free.

Assuming that we want strong passwords, not PINs, the future lies in 
crypto stores, which means we have to synchronise across devices one way 
or another.  With passwords or with client certs.


iang



More information about the cryptography mailing list