[standards-jig] XML Encryption

Iain Shigeoka iainshigeoka at yahoo.com
Tue Mar 19 18:42:12 UTC 2002


On 3/18/02 2:39 PM, "David Waite" <mass at akuma.org> wrote:

> dirkx at covalent.net wrote:
> 
>> Trust is not absolute. In a lot of deployment worlds certain levels of
>> trust are enough - and do not need a corperate CA to be part of the chain.
>> 
>> What I am referring to is that if I get a signed message with a public key
>> inside it from Mr X - and I do not really know him - over time as I
>> communicate with him under that key - and perhaps using secondary hints
>> such as DNS resolving right, his web site, his email - I get a practical
>> enough trust relation. It is not perfect - it is good enough.
>> 
> Right - and one of the issues becomes that this trust is not
> application-specific, and this should really be handled by an external
> tool. I've only messed with two tools which do this - one was called
> 'PGP', and the other 'gnupg'.

Of course, this gets us into a web of trust model (aka pgp).  From what I
understand, it works great for small, security motivated groups, but quickly
breaks down when dealing with large groups and strangers.  This makes me a
bit skeptical about using it for IM for anything beyond consumer-level
contact list/chat applications.  If this is all we are targeting then it
seems like a fine proposal.  I'd suggest that we adopt the pgp nomenclature
if we pursue a web of trust model.

However, even for consumer level protection, considering the mainstream use
of pgp for email (read, practically none) I wonder about the ability of this
to find widespread use.  Perhaps IM or better GUI tools will make it succeed
where pgp failed...I don't know.

My interests lie in enterprise security where I don't think a web of trust
model will work.  The best thing I've seen so far is still the
centralized/trusted CA model (although I'm not particularly fond of that
solution).  Consider that in many use cases in the enterprise, you will need
to either trust or not trust someone with a transaction the first time (and
perhaps only time) you interact with them (soap eCommerce transactions for
example).  Also, in many cases (anonymous purchasing), trust and identity
are completely separate issues (something that is hard to model/enforce in a
web of trust).

Thoughts?

-iain


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com




More information about the Standards mailing list