Re: PKI is weakly secure (was Re: Updating the rules?)

To: Masataka Ohta <mohta at necom830.hpcl.titech.ac.jp>
Subject: Re: PKI is weakly secure (was Re: Updating the rules?)
From: Eliot Lear <lear at cisco.com>
Date: Sat, 07 Jul 2007 12:18:50 +0200
Authentication-results: ams-dkim-2; header.From=lear@cisco.com; dkim=pass (s ig from cisco.com/amsdkim2001 verified; );
Cc: Keith Moore <moore at cs.utk.edu>, IETF discussion list <ietf at ietf.org>
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=536; t=1183803534; x=1184667534; c=relaxed/simple; s=amsdkim2001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=lear@cisco.com; z=From:=20Eliot=20Lear=20<lear@cisco.com> |Subject:=20Re=3A=20PKI=20is=20weakly=20secure=20(was=20Re=3A=20Updating= 20the=20rules?) |Sender:=20; bh=clvUKCatWSaqR+oVtEGfxn0CyGgHI5E8c/9bP8pn1wI=; b=kZz+mIzKUKBO+QCCMZuinc69aYImUJBxxgLg5oL1fieWEdLNZUpQ9q+UPjvAvAHsT5yiRY3C SqT/ZlJa64Wbp5QNGxci48cjvhl08qw4uFPSgMVUj/p+nrmWIK1X/WIG;
In-reply-to: <468F5EA8.8070006@necom830.hpcl.titech.ac.jp>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <468C9DC5.1070805@gmail.com> <68fba5c50707062119l43e230edsd2361b55b2e2225b@mail.gmail.com> <468F331F.7000409@cs.utk.edu> <468F5EA8.8070006@necom830.hpcl.titech.ac.jp>
User-agent: Thunderbird 2.0.0.4 (Macintosh/20070604)

[I should know better, but...]

Masataka Ohta wrote:

What, do you mean, strong security?
Given that CAs of PKI can be compromised as easily as ISPs of the Internet, PKI is merely weakly secure as weakly as the plain Internet.

This can be said of any technology that is poorly managed. On the other hand, can you cite examples of a well known certificate (say one that I might have found in Mozilla, Netscape, Firefox, etc) that has actually been compromised? I know of precisely one example.

Eliot

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

Follow-Ups:
- Re: PKI is weakly secure (was Re: Updating the rules?)
  - From: Masataka Ohta

References:
- Updating the rules?
  - From: Brian E Carpenter
- Re: Updating the rules?
  - From: Robert Sayre
- Re: Updating the rules?
  - From: Keith Moore
- PKI is weakly secure (was Re: Updating the rules?)
  - From: Masataka Ohta

Prev by Date: PKI is weakly secure (was Re: Updating the rules?)
Next by Date: Re: PKI is weakly secure (was Re: Updating the rules?)
Previous by thread: PKI is weakly secure (was Re: Updating the rules?)
Next by thread: Re: PKI is weakly secure (was Re: Updating the rules?)
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: PKI is weakly secure (was Re: Updating the rules?)

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.