[1265] in cryptography@c2.net mail archive
Re: Fortezza dying on the vine?
daemon@ATHENA.MIT.EDU (Rick Smith)
Mon Jul 28 14:01:42 1997
In-Reply-To: <v03007805afff457f7e4a@[198.115.179.81]>
Date: Mon, 28 Jul 1997 11:15:00 -0600
To: Vin McLellan <vin@shore.net>
From: Rick Smith <smith@securecomputing.com>
Cc: cryptography@c2.net
Vin says:
> I'm a little more pessimistic than Rick. I do expect key and cert
>management to quickly become a bear. Chained certs will define a whole new
>class of administrative headache.
I'm not *that* optimistic, especially when it comes to chained certs. Note
that the first certificate system used in any sense by the general public
did no real chaining: the Netscape Commerce Server certificates signed by
RSADSI/Verisign. Despite the problems of a centralized CA, the dead-simple
features of the approach will appeal to many enterprises, especially
smaller ones.
> I also expect that notation on 509-type certificates will very
>quickly be called upon to carry the weight of privilege management for the
>OS or the network, which may add an entertaining layer or two to cert
>management.
Alternatively, things may remain as they are today and certs will become
surrogate passwords. Privilege management will fall into the traditional if
clunky model of mapping identities to privileges at individual sites or
hosts. The model is too well understood to be discarded soon by vendors or
customers. Alternatives might appear in turnkey, proprietary systems but
it's too new to work reliably in open standards.
An aside: our inability to reliably enforce privileges will remain the
fundamental weakness of all computer security. Eventually the FBI will give
up on key escrow and concentrate on honing their hacking skills. This shift
was broadly hinted at in the NRC crypto policy report. Don't forget Rule #1
of cryptanalysis: go after the plaintext.
> Maintaining the integrity of digital signatures outside dot-GOV may
>require transferring a lot more responsibility to the user. Fine in theory
>-- in practice, maybe a sysadmin's worst nightmare.
Sysadmins are in the landing zone every time a software developer thows a
problem over the wall. They're the ones facing the real challenges today.
> Sorry to say, but I don't think the Fortezza field staff "mucked up."
Agreed. Despite all this activity in certificate systems over the past
several years, it's an untried technology in many, many ways. It's still on
the side of the chasm with the techno-buffs. It hasn't made it into the
mainstream.
Rick.
smith@securecomputing.com Secure Computing Corporation
"Internet Cryptography" in bookstores soon http://www.visi.com/crypto/
