lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 27 Sep 2004 23:15:21 -0700
From: Crispin Cowan <crispin@...unix.com>
To: "BUGTRAQ@...URITYFOCUS.COM" <BUGTRAQ@...URITYFOCUS.COM>
Subject: Re: New whitepaper "The Phishing Guide"


Greg A. Woods wrote:

>[ On Thursday, September 23, 2004 at 12:21:40 (-0700), Seth Arnold wrote: ]
>>Methinks PGP is good for talking within friends, but perhaps trusting
>>communications from J. Random Corporation with PGP as your best means of
>>verification is a stretch. The Web Of Trust idea only takes you so far
>>...
>>
>You seem to be blaming the existing state of the PGP web of trust on
>some fundamental failing in its design and yet you then go on to admit
>that people use the wrong kinds of things in real life to authenticate
>and identify others with, and you further admit that the public in
>general still has a lot to learn about using computing and networking
>infrastructures safely in their daily lives.
>  

No, I think it is more general than that. Seth's criticism of PGP
actually generalizes to any authentication-based "solution": it requires
the users to be trained to reject all non-authenticated communications,
and for the users to have a sophisticated notion of what constitutes
"properly authenticated."

This problem exists because the common mail clients accept
non-authenticated e-mail, and the users have been trained to just accept
that. No matter what you do, the users will continue habitually
accepting non-authenticated traffic, with all the expected consequences.

To actually fix this problem, you would have to supply your users with a
mail client that will *not* do anything "interesting" unless the mail
has been authenticated. Go ahead and try that on your users; I'll wait :)

This has nothing to do with whether you use a hierarchical PKI (VeriSign
et al) or a non-hierarchical PKI (PGP). It is all about the ease-of-use
and default policies of the mail client.

Disclaimers galore: I am on PGP's Technical Advisory Board, but do not
speak for PGP. Seth works for me at Immunix, but gets to have his own
opinions.

Crispin

>PGP's web of trust can be almost infinitely more reliable, trustworthy,
>and controllable, than any one, or many, for-profit certification
>agencies.
>
>Just because one takes a set of dedicated PGP users and tries but fails
>to establish trust relationships with non-PGP users doesn't mean PGP's
>web of trust is broken -- one of the parties is "broken", not the web of
>trust itself or the concept of a web of trust.  Obviously in order to
>establish trusted end-to-end communciations both parties must be
>dedicated to using the technology that achieves their goal and both
>parties must have some basis for relating to each other.  The web of
>trust simply allows that relationship to have a somewhat less direct
>nature and to be many-to-many instead of one-to-one.
>
>The idea that a web of trust can work very well once it reaches critical
>mass can be trivially demonstrated through simple analysis of the web of
>"friends" formed in any of these large online networking systems such as
>Orkut.
>
>
>  
>
>>-- AND have faith that everyone in the middle
>>played fairly.
>>    
>>
>
>No, that's not true -- faith doesn't enter into it.  In a sufficiently
>connected and properly maintained web of trust it should be relatively
>easy for conspirators to be weeded out and eliminated.
>
>Not that such a thing is easy to achieve of course.
>
>Obviously a sufficient level of interconnection in a web of trust
>requires a critical mass of users; and proper maintenance of the web of
>trust requires a sufficient level of proficiency and dedication on the
>part of those users.  It would certainly help a lot of those users where
>encouraged to learn what they need to know and encouraged to pay
>attention to maintaining their status and involvement through the
>initiative of whatever large institutions many people are already
>involved with.  Unfortunately it seems such institutions (e.g. banks,
>etc.) have so far gone in the direction of using for-profit (and usually
>for-profit public corporate) entities to manage x.509 style certificate
>authorities.
>
>Technically there is not a lot of difference between PGP's web of trust
>and a group of certificate authorities.  PGP is not just for mail and
>SSL/TLS is not just for HTTP.  There are indeed deficiencies in PGP's
>implementation choices.  A public web of trust can be built using any
>public-key crypto system.  I think the important thing is that we need
>to work on building a democratic web of trust -- and learn to rely less
>on certificate authorities operated by for-profit, and particularly
>public, corporations.  The public corporation is anything but
>democratic, especially when it gets involved in the affairs of private
>individuals and government bodies.
>
>  
>

-- 
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ