Re: [TLS] Please discuss: draft-housley-evidence-extns-00
Mark Brown wrote:
>
> Here's an example to motivate why someone might want an un-forgeable record.
> Say you're buying tickets to a popular concert/movie/etc. online (i.e., a
> limited-inventory situation). In this case you (the buyer) might care even more
> about getting a ticket than about its price. So when you show up at the venue you
> want your electronic tickets / records of sale to sustain a fair verification
> effort that they are not forgeries. You do not want the venue manager to
> say, "Sorry, we don't have records of this transaction..."
Sorry, but this is complete bullshit.
Browsers traditionally use up to 4 independent connections to retrieve
the parts that compose a Web page as seen by the user, and that results
in several parallel, independent TLS-protected communication channels.
Similar things happen in the middleware of other applications.
The majority of online shops use a crazy amount of HTTP gimmicks to
beef up their web pages, including CSS and JavaScript, and you don't
seem to have looked at the raw source code of any of that stuff lately,
or you would know that this stuff is close to incomprehensible at
the network level. Implementing some visualization software to
make sense of the captured & signed fraction of a raw data stream
will require magnitudes more code & time than implementing digital
signatures in a clean and understandable way at the application level,
and the signed data can be made comprehensible for mere mortals
in raw form, or compatible and verifiable with standardized software
(i.e. PKCS#7 / CMS).
-Martin
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls