Re: [TLS] the use cases for GSS-based TLS and the plea for integrating

To: pgut001 at cs.auckland.ac.nz
Subject: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
From: Martin Rex <Martin.Rex at sap.com>
Date: Fri, 27 Jul 2007 17:08:18 +0200 (MEST)
Cc: tls at ietf.org
In-reply-to: <20070728020702.2x3rc53g7bksocc0@webmail.cs.auckland.ac.nz> from "pgut001@cs.auckland.ac.nz" at Jul 28, 7 02:07:02 am
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Reply-to: martin.rex at sap.com

pgut001 at cs.auckland.ac.nz wrote:
> 
> For how many more years do we have to keep flogging the PKI corpse?  If it
> worked as intended, the multibillion-dollar phishing industry wouldn't exist.
> Why keep it mandatory to implement something that very demonstrably doesn't
> work?

I beg to differ.

PKI does work.  However, the marketplace has different preferences
for a number of good reasons (IPR issues and operational costs among them).

secret-key or shared-secret authentication comes in all different flavours
and every human being learns the concept behind at a young age and
not necessarily as a software implementation.

public key technology and authentication through public key technology
is different and its complexity appears to be beyond the scope of
many non-technical people.  Where it is used, pushed and advertised,
it is often a part of a MUCH more complex thing called PKI and
cluttered with the ridiculous bloat called X.509 certificate and
the concept of "trusted (certification) authorities".

If Public Key technology was more along the line of the original
models of SSH and PGP, it would likely be used much more often.

-Martin

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: Jeffrey Altman

References:
- RE: [TLS] the use cases for GSS-based TLS and the plea for integrating
  - From: pgut001

Prev by Date: [TLS] IETF69 TLS WG summary & minutes
Next by Date: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Previous by thread: RE: [TLS] the use cases for GSS-based TLS and the plea for integrating
Next by thread: Re: [TLS] the use cases for GSS-based TLS and the plea for integrating
Index(es):
- Date
- Thread

Re: [TLS] the use cases for GSS-based TLS and the plea for integrating

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.