Re: New whitepaper "The Phishing Guide"
Greg A. Woods wrote:
[ On Thursday, September 23, 2004 at 12:21:40 (-0700), Seth Arnold wrote: ]
Methinks PGP is good for talking within friends, but perhaps trusting
communications from J. Random Corporation with PGP as your best means of
verification is a stretch. The Web Of Trust idea only takes you so far
...
You seem to be blaming the existing state of the PGP web of trust on
some fundamental failing in its design and yet you then go on to admit
that people use the wrong kinds of things in real life to authenticate
and identify others with, and you further admit that the public in
general still has a lot to learn about using computing and networking
infrastructures safely in their daily lives.
No, I think it is more general than that. Seth's criticism of PGP
actually generalizes to any authentication-based "solution": it requires
the users to be trained to reject all non-authenticated communications,
and for the users to have a sophisticated notion of what constitutes
"properly authenticated."
This problem exists because the common mail clients accept
non-authenticated e-mail, and the users have been trained to just accept
that. No matter what you do, the users will continue habitually
accepting non-authenticated traffic, with all the expected consequences.
To actually fix this problem, you would have to supply your users with a
mail client that will *not* do anything "interesting" unless the mail
has been authenticated. Go ahead and try that on your users; I'll wait :)
This has nothing to do with whether you use a hierarchical PKI (VeriSign
et al) or a non-hierarchical PKI (PGP). It is all about the ease-of-use
and default policies of the mail client.
Disclaimers galore: I am on PGP's Technical Advisory Board, but do not
speak for PGP. Seth works for me at Immunix, but gets to have his own
opinions.
Crispin
PGP's web of trust can be almost infinitely more reliable, trustworthy,
and controllable, than any one, or many, for-profit certification
agencies.
Just because one takes a set of dedicated PGP users and tries but fails
to establish trust relationships with non-PGP users doesn't mean PGP's
web of trust is broken -- one of the parties is "broken", not the web of
trust itself or the concept of a web of trust. Obviously in order to
establish trusted end-to-end communciations both parties must be
dedicated to using the technology that achieves their goal and both
parties must have some basis for relating to each other. The web of
trust simply allows that relationship to have a somewhat less direct
nature and to be many-to-many instead of one-to-one.
The idea that a web of trust can work very well once it reaches critical
mass can be trivially demonstrated through simple analysis of the web of
"friends" formed in any of these large online networking systems such as
Orkut.
-- AND have faith that everyone in the middle
played fairly.
No, that's not true -- faith doesn't enter into it. In a sufficiently
connected and properly maintained web of trust it should be relatively
easy for conspirators to be weeded out and eliminated.
Not that such a thing is easy to achieve of course.
Obviously a sufficient level of interconnection in a web of trust
requires a critical mass of users; and proper maintenance of the web of
trust requires a sufficient level of proficiency and dedication on the
part of those users. It would certainly help a lot of those users where
encouraged to learn what they need to know and encouraged to pay
attention to maintaining their status and involvement through the
initiative of whatever large institutions many people are already
involved with. Unfortunately it seems such institutions (e.g. banks,
etc.) have so far gone in the direction of using for-profit (and usually
for-profit public corporate) entities to manage x.509 style certificate
authorities.
Technically there is not a lot of difference between PGP's web of trust
and a group of certificate authorities. PGP is not just for mail and
SSL/TLS is not just for HTTP. There are indeed deficiencies in PGP's
implementation choices. A public web of trust can be built using any
public-key crypto system. I think the important thing is that we need
to work on building a democratic web of trust -- and learn to rely less
on certificate authorities operated by for-profit, and particularly
public, corporations. The public corporation is anything but
democratic, especially when it gets involved in the affairs of private
individuals and government bodies.
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com