[cap-talk] Firefox breaks the principle of identifiability

David Wagner daw at cs.berkeley.edu
Tue Feb 8 01:11:09 EST 2005


Jed writes:
>I gave some examples in my next message on this topic.  Perhaps you could
>address them.
>For example, I gave the example where someone I trust could say, "If you
>visit the site, view its SSL certificate and find that its MD5 Fingerprint
>is A9:04:4D:...:E2:31:9A  then I can trust that it's "Paypal" the
>organization that you can place some trust in."

Yuck!  I'm a security geek, and even I couldn't stand to use this kind of
mechanism on a regular basis.  Do we really expect others to be willing
to put up with this?  That's straining credulity.

Let me step back a minute.  I think there are two worldviews here.

The crypto-purist's view: Public keys are the only names you can trust.
The only way you can be introduced to Coca Cola is to have someone you
trust absolutely give you Coca Cola's public key.  When you want to
communicate with Coca Cola, you should always specify who you want to
communicate with by telling the computer Coca Cola's public key.  As an
optimization, you can tell the computer Coca Cola's public key once,
and establish a pet name, but that's just an optimization.  As another
optimization, we can let the SHA1 fingerprint stand in as a substitute
for Coca Cola's public key, but that's just another optimization.  If you
want to be introduced to Coca Cola through a non-electronic channel, the
introducer has to tell you Coca Cola's public key (or its fingerprint)
and you have to type it into your computer.  Names (i.e., public keys)
should only be communicated over the computer.  IP addresses and domain
names are useful only for routing.

The realist's view: In the real world, sometimes we learn names over
non-digital channels.  For instance, the name "Coca Cola" has a nearly
universal binding.  Having your computer insist that the name "Coca Cola"
means nothing isn't helpful.  What is the owner of the Coca Cola brand
supposed to do?  Print their public key at the bottom of every TV ad
they ever make, and hope that everyone who sees the ad will meticulously
type in a 40-hex digit string?  Hopeless.  And the idea that people will
tell their friends "I drink ee65f5a583fb7b26c753faf610586372409f2ec1"
instead of "I drink Coke" seems something far short of plausible.

I have trouble believing that something as extreme as the crypto-purist's
worldview is ever going to be workable in the real world -- at least,
not as the complete answer.  As much as the security geek in me cringes
at the thought of advocating a global root of trust like Verisign, I
think there is an argument that something short of the crypto-purist's
stance might be required, at least in many cases.
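
An added example, not part of the original message: a minimal pet-name store for the scheme described under the crypto-purist's view, where the displayed name is chosen by the key's SHA1 fingerprint alone and the name a site claims for itself is never trusted. `PetNameStore`, its methods and the sample key bytes are hypothetical and constructed for illustration.

```python
import hashlib

# Constructed sample key bytes; real use would hash the encoded public key.
REAL_KEY = b"constructed-sample-public-key-A"
LOOKALIKE_KEY = b"constructed-sample-public-key-B"

def fingerprint(public_key: bytes) -> str:
    """SHA-1 fingerprint as 40 lowercase hex digits."""
    return hashlib.sha1(public_key).hexdigest()

class PetNameStore:
    """Hypothetical store mapping key fingerprints to locally chosen names."""

    def __init__(self):
        self._by_fp = {}

    def introduce(self, pet_name: str, fp_text: str) -> None:
        """Bind a pet name to a fingerprint typed in from a trusted introducer."""
        fp = fp_text.replace(":", "").strip().lower()
        if len(fp) != 40 or any(c not in "0123456789abcdef" for c in fp):
            raise ValueError("expected a 40-hex-digit SHA-1 fingerprint")
        if pet_name in self._by_fp.values() and self._by_fp.get(fp) != pet_name:
            raise ValueError("pet name is already bound to a different key")
        self._by_fp[fp] = pet_name

    def identify(self, presented_key: bytes, claimed_name: str) -> str:
        """Name to display: chosen by the key alone, never by the claimed name."""
        fp = fingerprint(presented_key)
        pet = self._by_fp.get(fp)
        if pet is not None:
            return pet
        return f"UNKNOWN key {fp[:8]}... (claims to be {claimed_name!r})"

def demo():
    store = PetNameStore()
    store.introduce("Coke", fingerprint(REAL_KEY))
    return (store.identify(REAL_KEY, "anything at all"),
            store.identify(LOOKALIKE_KEY, "Coca Cola"))

if __name__ == "__main__":
    for shown in demo():
        print(shown)
```

The second result shows the cost both worldviews are arguing over: a key that merely claims the familiar name gets no pet name until someone has carried its 40-hex-digit fingerprint to the user out of band.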

