[Freedombox-discuss] FOAF developers taking FreedomBox into their equation

Henry Story henry.story at bblfish.net
Sat Mar 12 08:11:42 UTC 2011


On 11 Mar 2011, at 18:00, Daniel Kahn Gillmor wrote:

> On 03/11/2011 05:22 AM, Jonas Smedegaard wrote:
>>> (a) infinite recursion, in the case where the web server's cert itself
>>> contains a WebID-style URI, or
>> 
>> It is only infinite if we allow it to be.  I suspect resolvers of
>> classical (flawed!) hierarchical SSL/TLS chained certs also put a limit
>> on the amount of intermediary certificates before reaching the root is
>> allowed before giving up.
>> 
>> Similarly I imagine we can decide (despite the protocol itself having no
>> such limit) to not _bother_ resolve trust chains longer than e.g. 3
>> levels - or "hops" or "degrees" in some other lingo.
> 
> I don't think we're talking about the same infinite recursion here.  But
> I clearly seem to be having difficulty explaining this point in a
> comprehensible way. :/  Perhaps someone else who sees it can take a stab
> at clarifying?

I think this infinite recursion problem goes away as soon as one stops thinking in terms of absolute trust. Trust is like probability or modal logics: there is an element of context to take into account, and it is very certainly a defeasible logic. I think one has something like the following, where P is the proposition: I have reached service hostname:port

- for DNS: I know P assuming the network and DNS are safe (and my computer is virus free, etc.)
- for CA certs: I know P to the extent that the CAs I trust are reliable, or I am not important enough for them to lose their reputation dealing with me, ...
- for DNSsec + dane: I know P to the extent that I can trust the DNSsec service is correctly maintained, the quality of the key published there, and the better the laws of the land for the domain, the more secure that will be
- for DNSsec + dane + CA: I know P to the extent of my combined trust of CAs and DNSsec
- for DNSsec + dane + PGP CAs: I know P to the extent that all the above and I know and trust signers of the PGP key

The more different methods you have to come to the same conclusion the more trust you can put in your system. At some point this may start outweighing many other things, such as the security of your OS, the knowledge you have of crypto, ...

In 1993 most people were running Windows 3.1, and in 1995 Windows 95, which had NO security layer, so there really was no point adding any cryptography seriously anywhere to the stack. The padlock icon was good enough. Windows NT started being widely used in 2000, and Unix emerged in the mass market with OSX, and on cell phones with Linux. Java also lived up to its promise in cell phones.

Now Linux is everywhere, and crypto has been legalised for export. So of course one can go a lot further and build more trustworthy systems.

With WebID we are looking at the current tools available for client side crypto. Those are the browsers that support keygen and SSL. This is a good springboard to show how one can get easy to use/adopt client certs going for People web of trust. That does not mean one cannot add more security with time. But it will certainly help if we have a few million users, because the browser builders will listen to us all the more, and we will be able to have a lot more political clout to steer crypto politics.

	Henry


> 	--dkg

Social Web Architect
http://bblfish.net/



