Maybe It's Snake Oil All the Way Down

James A. Donald jamesd at echeque.com
Sat Jun 7 12:43:39 PDT 2003 

    --
James A. Donald:
> > Suppose the e-gold, to prevent this sea of spam trying to 
> > get people to login to fake e-gold sites, wanted people to 
> > use public keys instead of shared secrets, making your 
> > secret key the instrument that controls the account instead 
> > of your shared password.
> >
> > They could not do this using the standard IE webbrowser. 
> > They would have to get users to download a custom client, 
> > or at least, like hushmail, a custom control inside IE.

Anonymous
> Why do you say that?  You were already given pointers to how 
> they could configure their web servers to use certificate 
> based client authentication.

That is a solution to a completely different problem.  Using 
that method the administrator would have to set up each client, 
which is impractically expensive and inconvenient unless 
administrator and customer meet personally and their computers 
are in the same office.

The point is that the customer should be able to set himself 
up, as he does on e-gold, hotmail, hushmail, etc, and that if 
subsequently he is fooled into logging on to a fake site this 
should do no harm.

James A. Donald:
> > HTTPS assumes that the certificate shall be blessed by the 
> > administrator out of band, and has no mechanism for using a 
> > private key to establish that a user is simply the same 
> > user as last time.

Anonymous
> HTTPS is just HTTP over SSL/TLS.  It says nothing about the 
> trust model for the certificates; it merely specifies how 
> each side can deliver its cert(s) to the other side. Deciding
> which ones to trust is out of scope for TLS or HTTPS.

You cannot use https to implement the trust model that hotmail 
and everyone else uses.  In that sense it does say something 
about the trust model.  It assumes they are subject to 
hierarchical validation, which e-gold passwords and hotmail 
passwords are not.

hotmail passwords merely show it is the same guy logging in. 
You cannot use https to do this.  It is designed to show it is 
the guy blessed by the administrator logging in.

> E-Gold could set things up to allow its customers to 
> authenticate with certs issued by Verisign, or with 
> considerably more work it could even issue certs itself that 
> could be used for customer authentication. Why doesn't it do 
> so?

Because that is not the trust model they or hotmail want to 
implement.   They don't want true names, and they do not want, 
and cannot afford, the very great overheads associated with 
true names.

To implement the desired trust model, the client browser would 
need to generate the private key during account creation. 
E-gold would then record the corresponding public key.   You 
cannot do that with existing client software.

They do not want to turn their business model upside down to 
support verisign's profit model.   The problem is to implement
the existing model in a way that protects against the man in
the middle attack represented by this storm of fake sites. 

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     OPeQMye27fygWs3rNrP88mXXiOYU+xcVrAyLlBjO
     4+rppNlgtCDm9YfF1Wiqe//vrDa3kdlXpzatLpbhm


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cypherpunks-legacy mailing list