Re: [Sip] comments on draft-kupwade-sip-iba-00
What if the trust anchors are not compiled into your client? Then verifying a digital signature is not a trivial problem.
Cross certificate validation is a challenging issue?
Eric Rescorla <ekr at networkresonance.com> wrote:
At Wed, 27 Feb 2008 08:59:10 -0800 (PST),
Harsh Kupwade wrote:
> How can we verify a certificate from a random CA? It will definitely
> be a serious threat in the near future.
Uh, that the trust anchors are publicly known and compiled into
your client.
> A malicious KG is equivalent to a malicious CA. A malicious CA
> can also tag a public key to a different user and pose the same
> threat level.
Yes, a malicious CA is bad.
No, a malicious CA is not anywhere near as bad as a malicious KG.
A malicious CA has to mount MITM attacks on all your traffic
in order to decrypt. A malicious KG can passively decrypt.
Again, some people view escrow as a feature, but it's simply
not true that the security properties of PKI-based systems
are the same as those of IBE-based systems.
-Ekr
_______________________________________________
Sip mailing list https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip