[cryptography] Why anon-DH is less damaging than current browser PKI (a rant in five paragraphs)

James A. Donald jamesd at echeque.com
Tue Jan 8 11:19:50 EST 2013

On 2013-01-08 11:20 PM, ianG wrote:
> That took me to some random thing like internationalmoney.com.  I 
> phoned up the bank to complain and check ... they guy looked at the 
> page and said, "sure, that's it!"  Reading from the same webpage.  I 
> said "you are training your users to be phished" and he didn't even 
> get flustered.
> Whatever this domain was, I did the traceroute and whois and found 
> that the whole thing was a totally independent outsourced organisation 
> outside CBA's country.  As it turns out, it was outsourced to HP's 
> cloud operation in California.
> On the same day, I read an article in the major newspaper from the IT 
> director of the bank saying they would never ever outsource customers' 
> data outside the bank.
> So.  Totally hopeless.  A recipe for disaster.
Human memorable names only work when the number of things to have proper 
names is similar to the number of humans in a group in the ancestral 

That suffices if one is accessing the named entity through an interface 
that brings you to entities that correspond to the limited number of 
names that you know, which is to say, identify by name works for 
petnames, but not for global names.

Thus PKI fails, because it assumes you know the global name. Inevitably, 
however, links on the website bring you to names that are company 
centric, rather than egocentric, bring you to entities that are petnames 
in relation to the company, not petnames in relation to you.

More information about the cryptography mailing list