That's my perspective... like it or not. It's still true.
Basics don't change.
t
________________________________
From: Lisa Kachold <
lisakachold@obnosis.com>
To: Main PLUG discussion list <
plug-discuss@lists.plug.phoenix.az.us>
Sent: Fri, July 2, 2010 5:30:00 PM
Subject: Re: OT: (or is it?) Interesting take on PKI and security
On Thu, Jul 1, 2010 at 8:00 PM, Tim Bogart <
timbogart@yahoo.com> wrote:
All,
>
>
>This is a perfectly crystallized
>description of views I espoused in a book I wrote 3 years ago which
>didn't get published. I did an entire chapter on PKI versus
>circle of trust. What's the difference between the two.
>Fundamentally, it's philosophy, and Ellison and Schnier said it
>best. "Who do you trust?" Public Key
>Infrastructure is largely adopted by large firms who have a burning
>desire to centralize the process. Have you ever met a manager
>or executive that didn't have an inclination toward wanting to have
>iron fisted control over a process or system? PKI provides that
>control, and that makes them feel good. Circle of trust
>decentralizes the control and allows anybody in an organization to
>sign keys. This places the onus of inquiry on the user to
>validate or verify signatures independently. And in my
>estimation, from a security perspective, this is a good thing.
>The circle of trust can be compared to the play or movie called “Six
>Degrees of Separation.” It goes like this... Do you know the Pope?
> Probably not. But how many acquaintances do you think you have
>between yourself and the Pope? Well, let's assume you know me,
>that's one. I know Vint Cerf, that's two. Vint Cerf knows George
>Bush, that's three. And President Bush knows the Pope, that's four.
>So, if you knew me, there would be four degrees of separation between
>you and the Pope. I'm not going to go into whether you trust George
>Bush, or the Pope, or me for that matter, but I think you see how it
>works. In a large Corporation like Verizon, or the US Military,
>there's an echelon of command that dictates who you should trust.
>But is that the best way to go? I say no. Not from a security
>perspective. Independent validation of credentials is always
>preferable to centralization in this scenario because if there is a
>breakdown in the chain of trust with the PKI model, it can be
>catastrophic. If there is a breakdown in the chain of trust in a
>circle of trust system, it's recoverable because there is more than a
>single path of trust. It's comparable to the very reason the
>Internet and packet switched networks were developed by DARPA. If a
>catastrophic event took out a major telecommunications switch,
>rerouting calls would be very time consuming and sometimes impossible
>in a circuit switched network. Whereas with a packet switched
>network, the packets containing the call information would be
>rerouted around the damaged segment or segments automatically.
>That's what the Internet was invented for in the first place (read
>“Where Wizards Stay Up Late. The Origins of the Internet”
>by Katie Hafner and Mathew Lyon, ISBN 0684812010, Library of Congress
>#TK5105.875.I57 H338 1996 ).
>
>
>
>“But management needs central
>control!” They can still have it with circle of trust. They can
>poison pill any key set they wish. They can even require key
>signatures that will allow management or agents thereof to open
>encrypted emails. It's all in the architecture and how it's
>administered. I worked for a company that used circle of trust and
>did just that. But the skeleton keys weren't held by one entity.
>The company had a master or skeleton key and could open an encrypted
>document or email. The key to the security in this scenario was the
>process. There was a formalized request and approval process that
>was required with certain checks and balances in place to ensure the
>act of breaching and encrypted transmission wasn't abused by a single
>person, like launching a missile from a submarine.
>
>
>Anyway, I could go on and on. But I
>won't bore you. Suffice to say that Bruce and Carl are absolutely
>correct.
>
>
>BTW... get the book. It starts out a
>bit slow but there's all kinds of good stuff in there, like who's
>responsible for making the first router work, who's idea was it to
>fund it initially? Who came up with the RFC system? Who's responsible
>for the @ in email addresses and all kinds of good stuff. It pays to
>know your history, and this book's got a bunch of it.
>My $0.02
>
>t
>
>
>
>
________________________________
From: Mike Schwartz <
schwartz@acm.org>
>To: PLUG-discuss mailing list <plug-discuss@lists.plug.phoenix.az.us>
>Cc: Mike L Schwartz <schwartz@acm.org>
>Sent: Thu, July 1, 2010 6:36:12 PM
>Subject: OT: (or is it?) Interesting take on PKI and security
>
>
>Interesting take on PKI and security
>http://www.schneier.com/paper-pki-ft.txt
>a favorite take-away quote, from it:
>"[...] security is very difficult, both to understand and to implement. "
>(that's from the 2nd sentence, of about the 4th-to-last paragraph). ...something to think about...
>--
>Mike Schwartz
>Glendale AZ
>schwartz@acm.org
>
>
Tim,
Useless history! Better yet play with PK yourself, setup sendmail with DKIM keys, and play with DNS to understand various RFCs.
I can't get my brain trivia tables to index history, unless it's music history or art history?
--
Office: (480)307-8707
AT&T: (503)754-4452
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)