I guess if one is defining a standard (or merely deciding which standard to use) the first thing to do is be clear about what problem one is trying to solve.
In the simplest case, crypto is used when Alice and Bob want to communicate without Eve knowing what they are saying. And public key crypto solves that problem.
The only difficulty is when A and B don't already know each other's public keys but wish to communicate. A solution is for A to send B a message saying "here's my public key, I want to talk, what's yours?", B to reply and then for them to talk. Of course this key exchange could be automated.
This solution, however, has a problem: it is vulnerable to a man-in-the-middle attack. Efforts to solve this problem include X.509 and the PGP web-of-trust.
I now have an admission to make: I don't understand the web of trust. I've read the GnuPG documentation and it all seems very complicated. I possibly could understand it if I really made an effort to, but my brain tends to recoil at things that appear to be overly complex. Maybe I am just too stupid or lazy to understand it; however I know more about crypto than the average PC user, so if I think it's too difficult, what's the average user to think? I suspect many would simply shrug their shoulders and give up.
Which brings me to another issue. People like their computers to be secure, but they also like to be able to get their work done, and for nearly everyone, getting stuff done is a higher priority than computer security. Therefore if the user perceives a security system as being too complex or effortful, they are likely to by-pass it. Hence a user might write out their password on a post-it note attached to their screen.
This suggests to me that any good security system will be as nearly transparent as possible to the user, or it won't get used. Also, it should be as simple to understand as possible, because the harder it is to understand, the more likely it is that the user will set it up incorrectly in a way that makes it insecure.
Anyway that's just some random meanderings from me. If/when you set up this mailing list, please let me know, I'd like to be on it.
no subject
Date: 2007-02-19 10:11 pm (UTC)