Re: why OpenPGP is preferable to S/MIME (Re: NAI pulls out the DMCA stick)
On Thu, May 23, 2002 at 07:10:01PM +0100, Adam Back wrote: | Certificate authorities also can forge certificates and issue | certificates in fake names if asked by government agencies. S/MIME is | too much under central control by design to be a sensible choice for | general individual use. So what if we create the Cypherpunks Root CA, which (either) signs what you submit to it via a web page, or publish the secret key? We then get the Cypherpunks Root CA key added to the browsers--it can't be that hard, the US postal service managed it... Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
On Thu, May 23, 2002 at 03:05:49PM -0400, Adam Shostack wrote:
So what if we create the Cypherpunks Root CA, which (either) signs what you submit to it via a web page, or publish the secret key?
This won't achieve the desired effect because it will just destroy the S/MIME trust mechanism. S/MIME is based on the assumption that all CAs are trustworthy. Anyone can forge any identity for clients with that key installed. S/MIME isn't really compatible with the web of trust because because of the two tier trust system -- all CAs are assumed trustworthy and all users are not able to sign anything. By issuing a key and revealing it's private key, you elevate a rogue user to being a CA and then the system would be broken.
We then get the Cypherpunks Root CA key added to the browsers--it can't be that hard, the US postal service managed it...
I think you'd have to do it in reverse to stand a chance if you literally published the private key -- they're never going to add the public key for a known compromised private key. Also it costs lots of money, and takes some time to take effect. Adam
On Thu, 23 May 2002, Adam Back wrote:
On Thu, May 23, 2002 at 03:05:49PM -0400, Adam Shostack wrote:
So what if we create the Cypherpunks Root CA, which (either) signs what you submit to it via a web page, or publish the secret key?
This won't achieve the desired effect because it will just destroy the S/MIME trust mechanism. S/MIME is based on the assumption that all CAs are trustworthy.
Which is, of course, a major flaw. S/MIME is of some value for internal corporate email for companies who can run their own CA. (The sort of people who used to be Xcert's customers.) S/MIME is of very little value outside of a closed intranet environment, for the simple reason that public CAs are mostly incompetent, untrustworthy, or both. -MW-
-- On 23 May 2002 at 21:58, Adam Back wrote:
This won't achieve the desired effect because it will just destroy the S/MIME trust mechanism. S/MIME is based on the assumption that all CAs are trustworthy. Anyone can forge any identity for clients with that key installed. S/MIME isn't really compatible with the web of trust because because of the two tier trust system -- all CAs are assumed trustworthy and all users are not able to sign anything.
Or to say the same thing in slightly different words, all CAs are perfectly and equally trustworthy, and all users are untrustworthy. This system is inherently authoritarian. Because that authority must be restricted for it to be useful, it is inherently a pain in the ass to administer, with inherently high administrative costs. Like socialism, S/MIME results in bureacracy, delay, expense, and inefficiency. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG USL5cv1ggEyWtLV5o70QlHagEAxDOVzR+aGoGJyG 4r/H3bXgCwZ3aRF4U6H7Adat9jD9PjCxb1FPSgQpk
participants (4)
-
Adam Back -
Adam Shostack -
jamesd@echeque.com -
Meyer Wolfsheim