|
||
|
23 September 2011 Ultra-Security
Date: Fri, 23 Sep 2011 21:08:13 +1000 On 23/09/11 08:33 AM, Nico Williams wrote:
> On Sun, Sep 18, 2011 at 11:22 AM,
M.R.<makrober[at]gmail.com> wrote:
> It could vary. I would go TOFU -- trust-on-first-use -- here alone, but replaceable by certs signed by other parties, in a compatible fashion. I don't understand the leap-of-faith metaphor. It seems to me that trusting a CA is a leap of faith given that we have to trust all of them, and we know next to nothing about them. Bad risk analysis there, because we've outsourced it to unknown parties, via other unknown parties. Whereas when we are doing the TOFU mechanism, we can incorporate all of our local knowledge and decide whether there is any risk in dealing with this merchant. Good risk analysis.
> For high-security applications (like banking) you'll generally want
to There is another level of security above that which I guess we'll have to call ultra-security [0]. This is for real time transactions (payment systems or trading) and/or high values, and/or natsec things. In ultra-sec, we'd download a client securely the supplier, and put it on to a single purpose machine. iang [0] Which I call high security. Banking I generally call medium security ... anything using web browsers isn't really serious IMHO. _______________________________________________
cryptography mailing
list
|