OT: (or is it?) Interesting take on PKI and security

Tim Bogart timbogart at yahoo.com
Sun Jul 4 02:21:18 MST 2010


Yes they do.  The difference being that if public keys are going to be forged in the circle of trust system, a whole lot of systems have to be compromised.  With PKI, you're putting all your eggs in that one basket.  And if you lose control of it.  That's it.  Game over.  You're in trouble.  And that's always the issue with centralization of anything.

My .02.

t





________________________________
From: Technomage <technomage.hawke at gmail.com>
To: plug-discuss at lists.plug.phoenix.az.us
Sent: Sat, July 3, 2010 12:09:46 AM
Subject: Re: OT: (or is it?) Interesting take on PKI and security

 On 7/1/10 6:36 PM, Mike Schwartz wrote: 
Interesting take on PKI and security 
>http://www.schneier.com/paper-pki-ft.txt
>a favorite take-away quote, from it:
>"[...] security is very difficult, both to understand and to implement. " 
The biggest problem with security is that most (nearly 99%) do not
understand it,
the reasons for it or how to implement and use it. Those few that do
can largely be counted 
as a very small number (less than 1,000) in the entire field and a lot
of them spent
years leaning how. 

I personally know enough to know I *really* don't know nearly enough
(and perhaps just enough to 
keep the honest people honest and that's about it).

as for the 2 models presented, each has its own Achilles heal.


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20100704/1a678c11/attachment.html>


More information about the PLUG-discuss mailing list