Eddy Nigg wrote:
On 11/26/2008 05:30 PM, Ian G:
Well, I don't see that. PGP and Skype both offer authenticated +
confidential messages, without the "certificate" side of things.
LOL, and how exactly? Or better, how can I validate that? Specially in
the case of skype, we don't even know where those keys reside, if they
change when using a different client installation, how they are
distributed, which encryption is implemented and how the keys are
exchanged. At best it's security by obscurity.
I guess I forgot to mention "ignoring implementation details..." because
we are talking about models not implementations.
Specifically, in the case of skype, handles are bound tightly to keys,
and users transfer handles between each other.
How do we know whether the keys are managed properly? Good question!
Well, it's a closed architecture & codebase, but it has been audited, so
it bears comparison to any CA which operates a closed/audited procedure.
We rely on the audit, and we trust the business won't do anything
drastically against the interests of the users.
Back to the model: it can be done, all you have to do is replicate
Skype in open source, if that's your fancy. (Whether this answers
Anders' requirements cannot be answered, because we really don't have
more than a glimmering of them.)
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
