[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: S2ML, Thin PKI and SPKI

To: Anders Rundgren <anders.rundgren@xxxxxxxxx>
Subject: Re: S2ML, Thin PKI and SPKI
From: Camillo Särs <Camillo.Sars@xxxxxxxxxxxx>
Date: Fri, 15 Dec 2000 15:42:05 +0200
Cc: PKIX-List <ietf-pkix@xxxxxxx>
Organization: F-Secure Corporation
References: <> <> <>

Anders Rundgren wrote:
> The reason for having the on-line trusted party (sort of real-time 
> attribute CA) is that it can generate whatever credential you need, when 
> you need it, and without any distribution or installation.

Quite useful, you are right.  But still - there are cases where generating
some credentials beforehand makes sense.  Which means that it makes sense
to allow it.  And "sense" here is "business sense".

> > and what you effectively have is very close the semantics of SPKI.
> 
> But without the distribution hassles.

Agreed.

> > In certificate systems where authorizations are higly granular, atomic and
> > limited, the risk introduced by improper use of a private key or the
> > compromise of the signing system is significantly smaller.
> 
> Actually I am much less confident that S2ML's authorization system will 
> be that popular,

I wasn't really focusing on that, but rather on the risk model.  Any model
that allows almost arbitrary "contracts" to be signed without discretion
are just too risky for real-life implementation.  The scope of the
authorization granted by the certificate should be minimal, not maximal as
in current X.509-based solutions.  Get a suitable trojan onto a user's
system, and you can sell his house, his car and make him file for divorce.
I, for one, won't be getting any certificates with that risk model. No
way.  They invert the legal burden of proof - I have to show that someone
else did these things.  How many courts of law are technically qualified to
know the difference?

> >As a matter of
> > fact, I believe this is the only way we can ever make PKI-based eCommerce
> > work outside laboratories.
> 
> You refer to SPKI here I guess?  A bit unfortunate for SPKI, is that it 
> has been shunned by´ the "big ones" and S2ML will just make this worse.
> 
> Or did I get that wrong?

You did.  SPKI is just one example of a more suitable semantic model, with
much nicer security properties.  I just happen to like it, preferences
vary.  If the "big ones" want to re-invent the wheel, or make silly
compromises, they are quite free to do so (:-).  My argument was more on
the point that systems *must* limit the power of the signatures.  And that
this limitation cannot happen on the signing client, as it runs highly
vulnerable and untrusted software.  *Any* step that limits the power is
good.  I don't care who takes it, and how, but VISA is one example of an
organization that knows something about risk management.

Regards,
Camillo
-- 
Camillo Särs <Camillo.Sars@F-Secure.com>       http://www.iki.fi/ged/
Security Researcher, F-Secure Corporation      http://www.F-Secure.com
    *** My office phone number has changed to +358 9 2520 5554 ***
   F-Secure products: Securing the Mobile, Distributed Enterprise

Follow-Ups:
- Re: S2ML, Thin PKI and SPKI
  - From: Olaf Kirch

References:
- Thin PKI won - You lost
  - From: Anders Rundgren
- Re: Thin PKI won - You lost
  - From: Camillo Särs
- S2ML, Thin PKI and SPKI
  - From: Anders Rundgren

Prev by Date: S2ML, Thin PKI and SPKI
Next by Date: Re: S2ML, Thin PKI and SPKI
Previous by thread: S2ML, Thin PKI and SPKI
Next by thread: Re: S2ML, Thin PKI and SPKI
Index(es):
- Date
- Thread