Re: [TLS] the use cases for GSS-based TLS and the plea for

<snip>
> I beg to differ.  Several PKI teething problems can be
> entirely avoided by applications when the ACLs account
> for both, subject AND issuer of a certificate in order
> to support authentication from different independent PKIs.
Then you can just as well avoid the use of issuers at
all and keep track of (say) certificate fingerprints
for self-signed certs.
> SSL/TLS Client certificates from separate independent PKIs
> is fairly common, the Web Browsers implement it and
> client components in distributed application backends
> normally also support it today.
Which was precisely my argument. A set of roots in
a common trust-store effectively makes them all
equivalent in terms of trust and if you think this
doesn't matter I invite you to investigate the pretty
large differences that exist between the CAs that
are all part of (say) the IE default trust-store.
<snip>
> I believe that a common trust-root is a stupid and flawed approach.
> Of course, the PKI guys desperately need it, because without it
> all their policy and name constraints stuff remains the
> useless bloat that it is.
Good, then we agree on this.
> The Kerberos cross-organization problem exists because
> of the security problems and administrative problems
> of a cross-realm trust.
Which are more or less exactly the same problems that
exist whenever you try to set up any kind of federation. In
fact most cross-realm Kerberos trusts are much easier to
set up and maintain than your (not so common) bridge CA.

You are comparing apples and pears in this email by holding
up browser-based PKI as an example of how easy cross-domain
trust is compared to Kerberos. In fact there are
extremely few examples of cross-domain trusts (bridge-CAs)
in the PKI world compared to the relatively large number
of cross-realm trusts operational today.
> A common trust-root and relying on policy&name constraints
> to work puts PKI technology into a similarly miserable position
> as Kerberos so it is really stupid to go down this road.
>
> Why do I need a dozen different plastic cards in my wallet?
> Can't those issuers simply agree on a single one?
In fact I sure hope not but that is definitely off topic.
<snip>
> *I* strongly prefer an initial negotiation that provides a high
> probability that a particular method will succeed, and then
> exactly one attempt, an error message when it fails and
> NO (automatic) fallback.
>
> -Martin

Good - this seems like the core of the disagreement.

    Cheers, Leif

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls