[148425] in cryptography@c2.net mail archive
Re: [Cryptography] Moving forward on improving HTTP's security
daemon@ATHENA.MIT.EDU (Greg)
Thu Dec 12 18:40:04 2013
X-Original-To: cryptography@metzdowd.com
From: Greg <greg@kinostudios.com>
In-Reply-To: <5285AABA.1010206@echeque.com>
Date: Thu, 12 Dec 2013 16:15:43 -0500
To: jamesd@echeque.com
Cc: Cryptography <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5774325510980457024==
Content-Type: multipart/signed; boundary="Apple-Mail=_54B90654-F90E-421D-8E29-57161BD192D3"; protocol="application/pgp-signature"; micalg=pgp-sha512
--Apple-Mail=_54B90654-F90E-421D-8E29-57161BD192D3
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
> The solution is yurls, Zooko's triangle, and, here comes the hard =
part, squaring Zooko's triangle.
I agree 100%.
Happy to announce okTurtles and DNSNMC: http://okturtles.com
--
Please do not email me anything that you are not comfortable also =
sharing with the NSA.
On Nov 15, 2013, at 12:01 AM, James A. Donald <jamesd@echeque.com> =
wrote:
> On 2013-11-14 15:46, Greg wrote:
>> On Nov 13, 2013, at 7:05 PM, John Kelsey <crypto.jmk@gmail.com
>> <mailto:crypto.jmk@gmail.com>> wrote:
>>> So your solution is what? Continue sending data in the clear?
>>=20
>> The basics would be to not use the CAs. Working on rest of details,
>> they're mostly finished, just gotta make 'em nice 'n pretty. And some
>> code would be good, too.
>=20
> The not quite good enough is the enemy of the adequate.
>=20
> The problem with CAs is that Bob usually knows more about Carol that =
the CA knows about Bob or Carol. Thus "trust" between Bob and Carol =
supplied by the CA tends to be inconvenient, expensive and unsafe.
>=20
> Introducing a distant third party between Bob and Carol is a security =
hole, not a security solution.
>=20
> The solution is yurls, Zooko's triangle, and, here comes the hard =
part, squaring Zooko's triangle.
>=20
>=20
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
--Apple-Mail=_54B90654-F90E-421D-8E29-57161BD192D3
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCgAGBQJSqieCAAoJEKFrDougX6FkS4EH/jHbR/FXQVvKFt4qlTZYxUD3
fJ4evAsKGiyaBR5/RxEUW9La+Zf1MqJX/aqy2NoezydFIaL6dZEMtCH14udLJ/Lc
2T/sVUlhe4xzKWJkbgVZ+NyKuoqRBDGBhOVchPkM7bFL3JI0VbCKRxYHnvR6ZfEs
/hzIsBGf+iHczYfcozK8S8ud6aDmHcusxZt9MdTqG3BVVqz0sD+b7ZsNxcqAMLaZ
eLtj8VG9wCnhgv6IqTvaXc/f711qGlcWiBZod3K3LYbAsvRxMblnpmc581yv9wOB
j+UMV9pWj4+71ac5sNquojOI2NBi4o/5U1uuWH0bDl2LhnNdhgpf+yUM2Tst0fs=
=MN4+
-----END PGP SIGNATURE-----
--Apple-Mail=_54B90654-F90E-421D-8E29-57161BD192D3--
--===============5774325510980457024==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5774325510980457024==--
