2011-09-06 00:38 CEST [direkter Link] (letzte Änderung: 2011-09-30 18:46 CEST)
Although I don't think anybody is still reading this outdated blog (feel free to prove me wrong), I'll want to post a short note for future references.
As the various CA compromises in the last months have proven the CA based X.509 trust hierarchy to be broken in practice it will become the prevailing attack vector in the next years. I'm pretty sure that several procedural workarounds will be proposed, implemented and broken again.
But the whole trust system is still missing a fundamental cryptographic property, that is the existences of alternatives to allow mitigation of a broken alghoritm or procedure.
Given that ther are not that many established trust models, the only straightforward decision would be to create another TLS/SSL version not based on X.509 but on OpenPGP.
Is there anybody out there willing to work on an IETF draft?
UPDATE: Somebody else already wrote down the same idea in RFC 6091
As the various CA compromises in the last months have proven the CA based X.509 trust hierarchy to be broken in practice it will become the prevailing attack vector in the next years. I'm pretty sure that several procedural workarounds will be proposed, implemented and broken again.
But the whole trust system is still missing a fundamental cryptographic property, that is the existences of alternatives to allow mitigation of a broken alghoritm or procedure.
Given that ther are not that many established trust models, the only straightforward decision would be to create another TLS/SSL version not based on X.509 but on OpenPGP.
Is there anybody out there willing to work on an IETF draft?
UPDATE: Somebody else already wrote down the same idea in RFC 6091