[79550] in cryptography@c2.net mail archive
Re: Failure of PKI in messaging
daemon@ATHENA.MIT.EDU (silvio)
Fri Feb 16 09:55:14 2007
Date: Fri, 16 Feb 2007 01:17:46 -0500
From: silvio <silvio@burst.net>
To: "Leichter, Jerry" <leichter_jerrold@emc.com>
CC: John Levine <johnl@iecc.com>, cryptography@metzdowd.com,
edgerck@nma.com
In-Reply-To: <Pine.SOL.4.61.0702150951030.26140@mental>

Leichter, Jerry wrote:
> I think the whole notion of decentralizing *everything* has turned out
> to be a trap. Yes, it makes for great cryptography and system design to
> find ways to do without a trusted third party. But the resulting
> systems just don't fit the way people think and work. Trust has
> *always* been based on personal contact

In human interactions trust is not based upon a centralized "authority"
either. So having a decentralized, inter-human solution such as PKI is
actually a lot closer to the natural ways of things, than the SSL
CA-based infrastructure.

The human touch is somewhat missing though and that's an implementation
issue. For example, one of the heavily underused features of GPG is the
picture ID. It'd make a lot more sense for non-geeks to see a picture of
their friend "message verified to come from [pic here]" than the more
obscure "Good signature from John Doe" which needs to be interpreted.

Likewise the mentioned use of colors, which would aid in intuitive
understanding of the authenticity and security of a message (or lack
thereof).

Silvio

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com