[147224] in cryptography@c2.net mail archive
Re: [Cryptography] PRISM-Proofing and PRISM-Hardening
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Sep 18 15:10:12 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130918143006.GT29796@mournblade.imrryr.org>
Date: Wed, 18 Sep 2013 20:04:04 +0100
From: Ben Laurie <ben@links.org>
To: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============1126063960508436938==
Content-Type: multipart/alternative; boundary=047d7bdc90bed97f1404e6ad19d3
--047d7bdc90bed97f1404e6ad19d3
Content-Type: text/plain; charset=ISO-8859-1
On 18 September 2013 15:30, Viktor Dukhovni <cryptography@dukhovni.org>wrote:
> On Tue, Sep 17, 2013 at 11:48:40PM -0700, Christian Huitema wrote:
>
> > > Given that many real organizations have hundreds of front end
> > > machines sharing RSA private keys, theft of RSA keys may very well be
> > > much easier in many cases than broader forms of sabotage.
> >
> > Or we could make it easy to have one separate RSA key per front end,
> signed
> > using the main RSA key of the organization.
>
> This is only realistic with DANE TLSA (certificate usage 2 or 3),
> and thus will start to be realistic for SMTP next year (provided
> DNSSEC gets off the ground) with the release of Postfix 2.11, and
> with luck also a DANE-capable Exim release.
>
What's wrong with name-constrained intermediates?
>
> For HTTPS, there is little indication yet that any of the major
> browsers are likely to implement DANE support in the near future.
>
> --
> Viktor.
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
--047d7bdc90bed97f1404e6ad19d3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 18 September 2013 15:30, Viktor Dukhovni <span dir=3D"ltr"><<=
a href=3D"mailto:cryptography@dukhovni.org" target=3D"_blank">cryptography@=
dukhovni.org</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Tue, Sep 17, 2013 at 11=
:48:40PM -0700, Christian Huitema wrote:<br>
<br>
> > Given that many real organizations have hundreds of front end<br>
> > machines sharing RSA private keys, theft of RSA keys may very wel=
l be<br>
> > much easier in many cases than broader forms of sabotage.<br>
><br>
> Or we could make it easy to have one separate RSA key per front end, s=
igned<br>
> using the main RSA key of the organization.<br>
<br>
</div>This is only realistic with DANE TLSA (certificate usage 2 or 3),<br>
and thus will start to be realistic for SMTP next year (provided<br>
DNSSEC gets off the ground) with the release of Postfix 2.11, and<br>
with luck also a DANE-capable Exim release.<br></blockquote><div><br></div>=
<div>What's wrong with name-constrained intermediates?</div><div>=A0</d=
iv><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left=
:1px #ccc solid;padding-left:1ex">
<br>
For HTTPS, there is little indication yet that any of the major<br>
browsers are likely to implement DANE support in the near future.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
=A0 =A0 =A0 =A0 Viktor.<br>
</font></span><div class=3D"HOEnZb"><div class=3D"h5">_____________________=
__________________________<br>
The cryptography mailing list<br>
<a href=3D"mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><=
br>
<a href=3D"http://www.metzdowd.com/mailman/listinfo/cryptography" target=3D=
"_blank">http://www.metzdowd.com/mailman/listinfo/cryptography</a><br>
</div></div></blockquote></div><br></div></div>
--047d7bdc90bed97f1404e6ad19d3--
--===============1126063960508436938==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============1126063960508436938==--
