Re: [pkix] fyi: Sovereign Keys: an EFF proposal for more secure TLS authentication
Carl Wallace <carl@redhoundsoftware.com> Mon, 12 December 2011 13:36 UTC
Return-Path: <carl@redhoundsoftware.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10E0D21F8AF4 for <pkix@ietfa.amsl.com>; Mon, 12 Dec 2011 05:36:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QvaQL+VCkMbd for <pkix@ietfa.amsl.com>; Mon, 12 Dec 2011 05:36:29 -0800 (PST)
Received: from mail-qw0-f44.google.com (mail-qw0-f44.google.com [209.85.216.44]) by ietfa.amsl.com (Postfix) with ESMTP id 406A821F8AF3 for <pkix@ietf.org>; Mon, 12 Dec 2011 05:36:29 -0800 (PST)
Received: by qadb15 with SMTP id b15so2851479qad.10 for <pkix@ietf.org>; Mon, 12 Dec 2011 05:36:27 -0800 (PST)
Received: by 10.224.105.11 with SMTP id r11mr17063131qao.68.1323696987596; Mon, 12 Dec 2011 05:36:27 -0800 (PST)
Received: from [192.168.1.5] (pool-173-79-170-49.washdc.fios.verizon.net. [173.79.170.49]) by mx.google.com with ESMTPS id ft9sm1837000qab.20.2011.12.12.05.36.22 (version=SSLv3 cipher=OTHER); Mon, 12 Dec 2011 05:36:26 -0800 (PST)
User-Agent: Microsoft-MacOutlook/14.13.0.110805
Date: Mon, 12 Dec 2011 08:36:20 -0500
From: Carl Wallace <carl@redhoundsoftware.com>
To: "Miller, Timothy J." <tmiller@mitre.org>, Adam Langley <agl@google.com>
Message-ID: <CB0B6A77.F4D3%carl@redhoundsoftware.com>
Thread-Topic: [pkix] fyi: Sovereign Keys: an EFF proposal for more secure TLS authentication
In-Reply-To: <CB0B5640.2EE1%tmiller@mitre.org>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: IETF PKIX WG <pkix@ietf.org>, Ben Laurie <ben@links.org>
Subject: Re: [pkix] fyi: Sovereign Keys: an EFF proposal for more secure TLS authentication
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Dec 2011 13:36:30 -0000
> >That's not quite what I was asking. How does the browser know that the >list of notaries provided with the proof are the "correct" notaries for >the site? This sort of gets at a different question. Why does a browser need to always operate with a broad trust posture? Folks know when they are banking and could easily indicate that intent to the browser, without needing to have the ability to authenticate their favorite shoe shop, doctor, etc. during that session. This selection could be implemented as a selection of notary (or a temporary reduction of the TA store, or a temporary usage of name constraints, etc.).
- [pkix] fyi: Sovereign Keys: an EFF proposal for m… =JeffH
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Phillip Hallam-Baker
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Carl Wallace
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Carl Wallace
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Miller, Timothy J.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Paul Hoffman
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Peter Gutmann
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Polk, William T.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Peter Gutmann
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Manger, James H
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Stephen Kent
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Stephen Kent
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Rob Stradling
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Adam Langley
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Stephen Kent
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Kemp, David P.
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Ben Laurie
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Michael StJohns
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Michael StJohns
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Phillip Hallam-Baker
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Martin Rex
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Santosh Chokhani
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Tom Ritter
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Santosh Chokhani
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Peter Gutmann
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Peter Gutmann
- Re: [pkix] fyi: Sovereign Keys: an EFF proposal f… Yoav Nir