[cryptography] Client certs
iang at iang.org
Wed Sep 28 03:42:24 EDT 2011
On 28/09/11 00:17 AM, M.R. wrote:
> On 25/09/11 21:52, ianG wrote:
>> ... Any client cert is better than the current best saved
>> password situation, because the technical security of a
>> public key pair always exceeds a password...
> Client certs are not a practical solution for retail and other
> low security applications: they require that the end user uses
> either one and only one computer, or that they are burdened
> with transferring certificates between all the computers that
> are being used by one customer to access the site and transact
> the business.

Well, the choice is between weak passwords and something better.

As users are required these days to have dozens of accounts, this means
they have dozens of passwords. Which means ... many compromises of the
security architect's expectations, e.g., the standard advice is "write
your passwords down."

Basically, it works if you expect passwords to be like PINs.

On the other hand ... we are getting more and more towards a multiple
computer environment. Computers are getting more and more used to
talking to each other in a user-oriented fashion. E.g., if one buys
Apple (the brand, the experience) one gets a fair amount of integration
across devices. Cloud, etc.

So, I'd think the time is coming where devices will be able to simply
sync the client certs across. As well as the passwords.

(Whether they choose to do so is another issue.)

> I have noticed that "crypto experts" keep pushing this "use-only-
> a-single-trusted-computer" M.O. on the end users, while site
> operators (retail especially) understand it is utterly unrealistic
> and insist on passwords since these can be used on any computer
> their customer happens to be at.

Right. What the consumer does is king. The consumer does almost
nothing towards her security. The minimum possible, including
circumventing the system. She won't buy a trusted computer.

The economic goal of a security system is to be free; there is only one
mode, and it is secure. I like Zooko's description that the security
system has to search out the free energy available in the life of the
user; this is a good way of conceptualising how we want to build what
appears to be a perpetual energy machine.

The point here being that you'll never get it with remembered
passwords. It's already compromised and it's already non-free.

Assuming that we want strong passwords, not PINs, the future lies in
crypto stores, which means we have to synchronise across devices one way
or another. With passwords or with client certs.