On 25/04/2014 16:36 pm, Jeffrey Goldberg wrote: > On 2014-04-25, at 4:09 AM, Peter Gutmann <[email protected]> wrote: > >> http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf > > In which Peter says: ... > I hated X.509 when it was first being introduced, and much preferred PGP’s > “Web of Trust”. I still hate X.509 for all of the usual reasons, but I now > have much more sympathy for the design choices. It fails at its goal of not > demanding unrealistic from ordinary users, but at least it tries attempts to > do so.
There is a slight problem with goals here. PKI was never designed for ordinary users. If you read the original documentation of how PKI was organised before the web-PKI was invented, it talks about how each relying party has to enter into a contract and verify that the CPS provides the answer they are looking for. In this context, it was reasonable to talk about the relying party trusting the results, because they had actually gone through the process of developing that trust. According to the theory. When they did the web-PKI however they threw away all of the reliance contract requirements, or buried them, but kept the language of trust. As you point out, they had to do this because ordinary users won't go through the process of CPS and contract review. So the result was trust-but-no-trust. We are not using PKI as it was designed and theorised. We're using some form of facade that originally had no proper contractual basis. The contracts are being sorted out now, over the last 5 years or so, in secret, but the joke of course is that we still all believe that we're using trust and PKI and so forth when none of that really applies. iang _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
