[cryptography] what has the NSA broken?

James A. Donald jamesd at echeque.com
Fri Sep 6 01:12:45 EDT 2013


Most private keys are issued by, not merely certified by, the CAs.

If issued by, not private.  Chances are the controlling authority also 
gets a copy of that private key.

To install your keys on your https server is painful, despite numerous 
people assuring me it is easy, and involves transporting the secret key 
hither and yon, even when done correctly.

And it is never correct to transport secret keys hither and yon.

It would be far easier if installation of an http server /automatically 
generated the private key on the server that the private key was to 
secure/, so as to minimize private key transport, automatically creating 
a self signed certificate, and then you could send off the self signed 
certificate to be made into a CA signed certificate while continuing to 
use the same private key, so that when you set up a server, you never 
have to be aware of the existence of such a thing as a private key, 
merely a certificate.

Also, of course, browsers should not put up horrible scary warnings 
about self signed keys, treating them instead as at worst no worse than 
http, and, at best, taking advantage of key continuity.

It seems to me that the current complicated user hostile system for 
getting servers certified is designed to create and maintain a massive 
security hole, that it would be a lot easier to do things the right way, 
while now we are doing things the wrong way.

From the point of view of the person configuring a server, the public 
key should just be a guid that the server randomly generates to uniquely 
identify itself, the CA certifies the association of this guid with an 
organization and/or domain name, and as for the private key, no one 
should know about that, therefore, no one should ever have to care about 
that or think about that.
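
The workflow the post asks for, as an added example that is not part of the original message: the key is generated on the server, a self-signed certificate is used at once, and only the CSR goes to the CA. The directory, host name and throwaway "Test CA" are constructed stand-ins; the printed pin is the public-key hash a key-continuity client would remember.

```shell
#!/bin/sh
# Added example, not from the original post. Constructed names: KEYDIR, CN,
# and the throwaway "Test CA" standing in for a real certificate authority.
set -eu
KEYDIR="${KEYDIR:-$(mktemp -d)}"   # stands in for the server's key directory
CN="${CN:-server.example}"         # constructed host name

# SHA-256 over the DER public key (PEM on stdin): the value a
# key-continuity client would remember for this server.
spki_pin() { openssl pkey -pubin -outform DER | openssl dgst -sha256 | awk '{print $NF}'; }
key_pin()  { openssl pkey -in "$1" -pubout | spki_pin; }
cert_pin() { openssl x509 -in "$1" -noout -pubkey | spki_pin; }
csr_pin()  { openssl req -in "$1" -noout -pubkey | spki_pin; }

# The only file that leaves the server must carry no private key.
csr_is_public_only() { ! grep -q 'PRIVATE KEY' "$1"; }

provision() {
    umask 077   # files created below are readable by the owner only
    # 1. Generate the private key on the machine it will secure.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$KEYDIR/server.key" 2>/dev/null
    # 2. Self-signed certificate, usable immediately.
    openssl req -new -x509 -key "$KEYDIR/server.key" -subj "/CN=$CN" \
        -days 30 -out "$KEYDIR/selfsigned.crt"
    # 3. Signing request for the same key; this is what goes to the CA.
    openssl req -new -key "$KEYDIR/server.key" -subj "/CN=$CN" \
        -out "$KEYDIR/server.csr"
}

# Stand-in for the CA's side: it sees only the CSR, never server.key.
ca_sign() {
    openssl req -new -x509 -newkey rsa:2048 -nodes -subj "/CN=Test CA" \
        -keyout "$KEYDIR/ca.key" -out "$KEYDIR/ca.crt" 2>/dev/null
    openssl x509 -req -in "$KEYDIR/server.csr" -CA "$KEYDIR/ca.crt" \
        -CAkey "$KEYDIR/ca.key" -CAcreateserial -days 30 \
        -out "$KEYDIR/casigned.crt" 2>/dev/null
}

provision
ca_sign
echo "key pin:         $(key_pin  "$KEYDIR/server.key")"
echo "self-signed pin: $(cert_pin "$KEYDIR/selfsigned.crt")"
echo "CA-signed pin:   $(cert_pin "$KEYDIR/casigned.crt")"
csr_is_public_only "$KEYDIR/server.csr" && echo "CSR carries no private key"
```

All three pins are identical, so replacing the self-signed certificate with the CA-signed one does not change the key a returning client sees.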
