Link: Ten Risks of PKI

July 29, 2006

Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure is a paper by Carl Ellison and Bruce Schneier. These aren't technical risks, at least not directly, and it makes for interesting reading. (And after you're done reading your printed copy of the PDF you can leave it out in a strategic spot for other people to run across.)

(From this comp.lang.python article by Edward Elliot, which I ran across through the Daily Python URL.)


Comments on this page:

From 70.231.162.4 at 2006-07-29 19:17:22:

My main issue with PKI is the 'wrong threat model' argument...

  http://iang.org/ssl/wytm.html

and more overall griping (where I encountered the above link)

  http://iang.org/ssl/pki_considered_harmful.html

but it basically boils down to somebody having said 'PK has this problem with MITM attacks, but hey, here's this cool certificate model that gets around it' whereas SSH shows that you can minimize exposure to MITM attacks (to the very first time you contact a site) without all the expensive, complex infrastructure.

Hmm, on preview those links aren't showing as links. Wonder if they will be when I post. Probably not. Oh well.

--nothings

By cks at 2006-08-09 23:45:22:

Here's nothings' two links in active form, for at least my convenience:

(Preview of comments is always accurate; it uses the exact same DWikiText to HTML rendering code as the comment will use when posted, it just draws the data from a different place.)

(I should have written this a while back, but I forgot. Whoops!)

Written on 29 July 2006.

Last modified: Sat Jul 29 12:39:57 2006