[LINK] Demolition Job on Digital Signatures
Thu, 9 Nov 2000 12:49:08 +1100 (EST)
On Thu, 9 Nov 2000, Roger Clarke wrote:
> I've finally got round to codifying the problems with conventional public
> key infrastructures, i.e. those based on X.509 certificates.
Great paper, a few comments:
My pet hates about X.509 are technical in nature, primarily:
- The lack of single standard (see Peter Guttman's X.509 style guide
for the gory details)
- The lack of sane, correct implementations. Microsoft being the worst
- Needless complexity, which is antithetical to security. X.509 is as
bloated and horrid as the other ISO standards.
Unfortunately X.509 won't die until the market gives it a damn good stake
through the heart in the form of SSL/TLS utilising an alternate PKI. There
were some internet-drafts on using OpenPGP in TLS, but they expired
before I read them.
The last set of bullet points you state that "infrastructural elements
must all be in place..." as preconditions for assurance.
IMO this is a little redundant. Decent PK means that if you have and
trust the recipients key AND they have and trust yours then even in the
presence of a hostile intervening network the worst that can happen is
a failure to communicate.
A possible exception to this is certificate revocation list servers, but
strong implementations will "fail-closed" and you excluded non-repudiation
from the scope two paragraphs ago :)
Your last assertion "CAs deflect attention from the critical
weaknesses..." could do with a little more explanation, perhaps a
Anecdote: From my window I can see E-Sign's Australian Head Office, they
are a prime example of this sort of behaviour. A presentation of theirs
that I attended focused entirely on their "seven levels of security" and
how they had ex-federal police consulting on their security design.
CRLs are largely replaced by OCSP (online certificate status protocol),
though I have never seen the use of either - a concern in itself.
There is one application where a hierarchial model of trust works very
well, which has also been X.509's "killer app" - business web site
| ``We've all heard that a million monkeys banging on | Damien Miller -
| a million typewriters will eventually reproduce the | <email@example.com>
| works of Shakespeare. Now, thanks to the Internet, /
| we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org