[cryptography] Allergy for client certificates

Guido Witmond guido at witmond.nl
Fri Oct 11 14:17:14 EDT 2013


On 10/11/13 14:52, Thierry Moreau wrote:
> Guido Witmond wrote (in reference to eccentric authentication):
>>
>> Another (not a killer)-feature (for users) is that they are in control
>> of the account. When they delete the private key, their account is
>> closed. No one else can come later and claim the account. Unless they
>> copied the private key beforehand.
>>
> 
> Some reality check may turn this from a feature into a serious flaw:
> it's account continuity that matters to server-vendors and
> client-customers as well.
> 
> Server: a very good customer account vanishes suddenly and pops up as a
> new account (which one?) among the 200 or so that made a first
> transaction during the next week. Even the vanishing event can not be
> detected!
> 
> Client: I relied on the server to keep track of past purchase details,
> and for a crypto-&?%# reason (do I care?) I lost them. Even worse, I
> can't create a new account with my real name (it says it's already
> enrolled while in fact it no longer works).
> 
> Solving this issue in your experiment is going to re-introduce much of
> the PKI complexity.
> 
> Sorry for asking tough questions, but maybe they would pop up sooner or
> later if this experiment goes forward.

No problem asking. These things will happen. People will lose keys.
Especially when they use lousy client computers and dev-null-backup
strategies.

The account discontinuity is part of the requirements trade off: In
return for the ease of client account setup, the privacy, and client
side control you get the responsibility of not losing your private key.

However, as you're a good customer, call the shop, identify yourself
until they are satisfied that you are their good customer and they will
happily transfer your history to your new account, to keep your business.

You are not entirely at risk for hostile takeovers. When you get an
account request, create a new message for the personal (encrypted)
RSS-feed. If you see it getting requested and downloaded, you know that
- someone - still has access to the private key.

Regards, Guido.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20131011/b342f2a1/attachment-0001.asc>


More information about the cryptography mailing list