aba@atlas.ex.ac.uk writes:
Now the puzzling stuff is people who appear to be arguing that MITM is unimportant
Hal said this same thing in a recent note. For myself, I've never meant to argue that the MITM threat is unimportant. I've simply contended that you're no more vulnerable to it in the key-as-True-Name scenario than with a certificate-bound key-to-name relationship system. If you assume an MITM could thwart the establishment of trust in the first case, then I guess I posit that the same energies could with equivalent hope for success be directed in an attack on a more "traditional" certificate scheme.
Perhaps the view is based on the fact that there are plenty of situations where you don't care what an entity's name is, and hence the attribute which should be under discussion is credit worthiness, or reliability, but still you need to protect against MITM, using whatever channels and means available. I don't see how this alters the argument.
And this is where I start to think we're all in agreement even though there's an argument going on! Yes, I think you need to protect against MITM attacks by whatever means are available. I think that no matter what you do, if you're strictly relying on communications systems over which you ultimately have no control (if at some point somebody you simply have to trust on faith inevitably gets his hands on your bits), then you have to put up with a non-zero probability of being victimized by a MITM attack. If you're willing on blind faith to trust certificates granted by some authority, you're fooling yourself (I claim). If you only trust that authority because it fits into an established web, then I don't see why there's any need for a certificate binding a public key to some "True Name" constant; what's the point? (How do you know the alleged True Name has any meaning in the first place?) I also posit that this is not really any different than the problems of social interaction Homo sapiens have been dealing with ever since they grunted their way into cooperative tribal life.

[ I kinda wish somebody with more of a clue than I have would support me or tell me to shut up :-]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~