[cap-talk] A petname toolbar for Firefox
Ian G
iang at systemics.com
Mon Feb 21 11:19:45 EST 2005
Mark Miller wrote:
> Ian G wrote:
>
>> Is there a document describing the security model of this new system?
>
>
> http://www.waterken.com/dev/YURL/httpsy/
>
>> (Just as an aside, I think TLS to be a clumsy choice
>> if reliability is required. It is singularly a near worst
>> way to go for payments, for example.)
>
>
> Why???
Payments are transaction elements, and should be
treated as datagrams for reliability purposes. TLS
is a connection-oriented protocol (over TCP/IP) so
it suffers unreliability artifacts at a couple of edge
cases. A reliable application must overcome those,
so the end result of using a connection-oriented
protocol is that you have to layer datagrams over
a connection protocol. Why bother? Once you've
secured the payments at the datagram level, just
send a UDP packet.
The only reason to use TLS for a packet-oriented
application like payments would be the convenience
of having all the crypto done for you. But you pay
a steep price for that, in terms of reliability.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
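
The design argued for above (each payment secured as its own datagram, with reliability handled by the application) can be sketched as follows. This is an added example, not code from the post or its author. The shared HMAC key, field names, account data and the `Receiver`/`pay` helpers are assumptions, and packet loss is scripted in-process instead of using a real UDP socket.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # constructed shared secret (assumption)
TAG_LEN = 32                    # HMAC-SHA256 tag length


def seal(fields: dict) -> bytes:
    """Serialize one message and append its HMAC, so each datagram verifies alone."""
    body = json.dumps(fields, sort_keys=True).encode()
    return body + hmac.new(KEY, body, hashlib.sha256).digest()


def unseal(datagram: bytes):
    """Return the fields, or None if the tag does not verify."""
    body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    expected = hmac.new(KEY, body, hashlib.sha256).digest()
    return json.loads(body) if hmac.compare_digest(tag, expected) else None


class Receiver:
    def __init__(self):
        self.balances = {"alice": 1000, "bob": 0}   # constructed accounts
        self.receipts = {}                          # txid -> receipt already issued

    def handle(self, datagram: bytes):
        msg = unseal(datagram)
        if msg is None:
            return None                             # forged or damaged: drop
        if msg["txid"] not in self.receipts:        # first sighting: apply once
            ok = 0 < msg["amount"] <= self.balances.get(msg["from"], 0)
            if ok:
                self.balances[msg["from"]] -= msg["amount"]
                self.balances[msg["to"]] = self.balances.get(msg["to"], 0) + msg["amount"]
            self.receipts[msg["txid"]] = seal({"txid": msg["txid"], "accepted": ok})
        return self.receipts[msg["txid"]]           # retransmission gets the same receipt


def pay(receiver, payment: bytes, lost, max_tries=5):
    """Resend the identical datagram until a valid receipt arrives.
    lost is a scripted loss pattern: 'req', 'reply' or None per attempt."""
    for attempt in range(max_tries):
        fate = lost[attempt] if attempt < len(lost) else None
        if fate == "req":
            continue                                # request never arrived
        reply = receiver.handle(payment)
        if fate == "reply" or reply is None:
            continue                                # receipt lost; sender cannot tell
        return unseal(reply), attempt + 1
    return None, max_tries
```

The case worth noting is a lost receipt: the receiver has already applied the payment, so the retry must be recognized by its transaction id and answered with the stored receipt instead of being applied a second time.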