> Now, when I send my sensitive data to that party, that party could always
> turn around and give my data to my enemies, put it on a road-side billboard,
> or disseminate it in various ways of which I don't approve.
> Having an authenticated certificate doesn't assure me that the party won't
> do that.

> The party could also give copies of his private key to my enemies, put it
> on a road-side billboard, etc. And after doing that, those others might
> be able to intercept and decrypt the sensitive data that I send to that
> party, just as if the party had given the sensitive data directly to them.
> The two situations are effectively equivalent. Having an authenticated
> public key does not protect me from the actions of the authenticated
> party.

I can add here that the fate of our data is not only up to the authenticated party, but also to its host platform. Malware code or trojan horses can compromise our data even if the authenticated party's intentions were the best possible. In this light, another disadvantage of PKI is that it authenticates only user identity, not remote host integrity.

If we think of encryption as a single layer of security and PKI authentication as a second layer, I think eventually we will go toward a third layer that will help us verify the integrity of the host platform. This is what TPM-enabled platform attestation does, for example: it gives us a way to examine the software running on the host that we are sending our data to. To some extent, trusting the software running on a remote host allows us to harness the actions of the user, too. This, however, goes into the realm of DRM and there are multiple reasons for TPM-enabled systems being good or bad. In particular, privacy becomes of crucial concern and TPM-enabled systems must be implemented with this in mind if they are to be successful and accepted by a wide circle of users.

TPM-enabled technologies have other powerful features that can supplement PKI-based systems, for example the ability to securely seal a key inside a TPM. This feature makes the task of protecting a private key easier and, I believe, such software already ships with TPM-equipped systems from HP, Dell, Lenovo, etc.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
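The two TPM mechanisms the message above refers to, platform attestation and sealing a key to the host's measured state, as an added Python simulation (example code, not from the original post or from any TPM vendor): PCR extend, sealing a key to a PCR value so that a trojaned boot chain cannot unseal it, and a quote check against a golden measurement. The boot-chain measurements, SRK and AIK are constructed stand-ins, and a shared HMAC key replaces the asymmetric attestation key a real TPM would sign with.

```python
import hashlib
import hmac
import os

# Constructed sample: the boot chain a verifier expects on a healthy host.
GOLDEN_CHAIN = [b"firmware-v1", b"bootloader-v2", b"kernel-6.1", b"agent-1.0"]
SRK = hashlib.sha256(b"constructed storage root key").digest()   # never leaves the TPM
AIK = hashlib.sha256(b"constructed attestation key").digest()    # stand-in for a signing key


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend as a TPM does it: PCR = H(PCR || H(measurement)). Order matters."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_chain(components) -> bytes:
    """Replay a boot chain into one PCR, starting from the all-zero reset value."""
    pcr = bytes(32)
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr


def _wrap_key(pcr: bytes) -> bytes:
    # The wrapping key is derived from the TPM secret *and* the platform state,
    # so it only exists for the exact software configuration that was measured.
    return hmac.new(SRK, b"seal|" + pcr, hashlib.sha256).digest()


def seal(secret: bytes, pcr: bytes) -> dict:
    """Seal a 32-byte secret (e.g. a private key) to the given PCR value."""
    assert len(secret) == 32
    k = _wrap_key(pcr)
    blob = bytes(a ^ b for a, b in zip(secret, k))        # one-time pad with the derived key
    return {"blob": blob, "tag": hmac.new(k, blob, hashlib.sha256).digest()}


def unseal(sealed: dict, pcr: bytes):
    """Return the secret only if the current PCR equals the sealing state, else None."""
    k = _wrap_key(pcr)
    expect = hmac.new(k, sealed["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, sealed["tag"]):
        return None                                        # malware changed the chain
    return bytes(a ^ b for a, b in zip(sealed["blob"], k))


def quote(pcr: bytes, nonce: bytes) -> bytes:
    """Attestation quote over (nonce, PCR); the nonce stops replay of an old quote."""
    return hmac.new(AIK, b"quote|" + nonce + pcr, hashlib.sha256).digest()


def verify_quote(pcr: bytes, nonce: bytes, sig: bytes, golden_pcr: bytes) -> bool:
    """Verifier side: the quote must be genuine AND the PCR must match the golden state."""
    return hmac.compare_digest(quote(pcr, nonce), sig) and hmac.compare_digest(pcr, golden_pcr)
```

Sealing to a PCR protects the key from a trojaned host, while the quote lets a remote party refuse to send data to such a host in the first place.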