[Freedombox-discuss] my summary of yesterday's Hackfest

[Daniel Kahn Gillmor]

On 03/01/2011 12:33 PM, Melvin Carvalho wrote:
> But actually there is a way in the case of the Freedom Box, because
> you have the advantage of controlling your own server.
> 
> Since you are already running a webserver and (hopefully) have control
> of your DNS.
> 
> You can provide a two-way verification chain.
> 
> 1. Your Person Profile publishes your public key.  (this is a few
> lines of html5, should be easy)
> 2. Point your self-signed X.509 to your Freedom Box profile.  This can
> be done by putting an entry in the SubjectAltName field of the cert, a
> common technique.
> 
> This provides strong verification for all the X.509 tool chain and
> means you can talk security to any server using SSL/TLS which is most
> of them, providing strong authentication as a side product.

This doesn't provide an adequate means of revocation, though.  If an
attacker gets control over your key, and is able to repoint DNS, then
you cannot publish any revocation statement about this key through this
channel.

OpenPGP already has a globally distributed keyserver network that can be
used this way.

Also, your proposal (as i understand it) doesn't include any mechanisms
for third-parties to make certification statements about your key, which
would be critical for establishing secure connections to
as-yet-uncontacted nodes in a distributed network.

These two points are what i meant when i said that this model has "no
way of verifying/revoking these keys".

I'm sure you could graft something like this onto <X.509+your scheme
above>; but OpenPGP already exists and handles these cases pretty well.
 Why reinvent the wheel?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110301/b06ad338/attachment-0001.pgp>