Firewall Wizards mailing list archives

RE: PKI is the pits?

From: "Marcus J. Ranum" <mjr () ranum com>
Date: Sun, 17 Oct 2004 09:53:17 -0400

Eugene Kuznetsov wrote:

I read this, and I'm not impressed.


I agree. With the caveat that, while it's generally uncool to whine
and point and screech "PKI sucks!", a lot of people tried very
hard to stave off that particular disaster by giving heartfelt and
often excellent advice long before it was too late. The state of
PKI is a disaster because of a combination of technical people
being buttheaded, marketers over-selling a concept, and sheer
greed on the part of vendors that played a phyrric form of
"last man standing" for market dominance.

1. in my experience, public key cryptography is far more prevalent that full
public key infrastructure, which means that many of these additional
complications are simply not present...


You are absolutely correct; what we see is that public key crypto
is widely used, but only in small ways that really don't give it much
meaning. Am I the only person who finds it silly that public key is
largely used to set up temporary pipes over which passwords are
exchanged? There is definite value to this, but "the cool stuff" is
exactly what doesn't work. It's maddening and saddening but may
be an unavoidable consequence of the way market forces pushed
public key into the limelight before the human factors problems
were well compensated-for.

2. simpler protocols and solutions are far more prevalent than their more
advanced cousins; for example, people use simple HTTP-CRL's much more than
OCSP; sometimes "key revocation" is accomplished by simply deleting
authorized certs from gateways or servers


Precisely; because the more complex protocols and solutions were
never considered in the light of human factors. The big vendors were
too busy rubbing their hands and thinking, "we will get $19.95 for a
certificate from every man, woman, and coke machine on earth!!!"
to think about the scalability issues in handling CRLs for a population
of any size. Indeed, CRLs were a threat to the business model of
some companies that intended to make their $19.95 every year,
which made expiring certificates more valuable. What I am saying
is that the complex technologies never happened because they
existed in a vacuum - lacking a survivable business use case
_that_made_the_vendors_happy_ the technology didn't happen
except where it happened badly. The standards bodies had no
prayer in playing in this space, because complexity is something
the IETF and ISO are historically slow in coping with, and the
patent issues made sure they were excluded from the game.

3. every large organization has some kind of PKI in place, although its
penetration into all of the applications is often limited; this is probably
because both of the challenges cited and the lack of strong business
requirement


Most of the PKIs in large organizations have happened because
someone expended so much money that _something_ had to be
done with it or jobs would have been at stake.

4. one of the most frequent uses of "PKI" is partners connecting to
extranets by using mutually authenticated SSL; usually there is absolutely
no "infrastructure", other than loading authorized cert (or signing cert)
onto the access control proxy or maybe into LDAP; revocation involves
deleting the cert.


Correct; this is functionally the same thing as pre-exchanging
secret keys - only the key is the cert and it's "authenticated" via
a telephone call. This is still primitive cryptography, it's just
using high-tech tools: kind of like using a CNC milling machine
to implement a stone axe. In most of these cases, secret keys
would work just as well, be easier to field, have less performance
(network and compute) cost, and be much less complex.

5. some of the work in XKMS and web services more generally does address
some of the traditional pkI challenges, and also creates a new field of
application for the technology; digital signatures of individual
transactions and public key encryption are probably getting more used now
than in the preceding 20 years, precisely because of WS-Security, SAML, etc;
unfortunately, XKMS is not taking off as quickly as one might hope


There has to be a reason why it isn't taking off quickly. Either because
the problem it addresses isn't correctly framed or painful enough, or it
doesn't solve it well or cost-effectively - or something. Do you have
any sense of what might be going on there?

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

PKI is the pits? Christopher Hicks (Oct 14)
- Re: PKI is the pits? Bennett Todd (Oct 14)
- RE: PKI is the pits? Eugene Kuznetsov (Oct 17)
  - RE: PKI is the pits? Marcus J. Ranum (Oct 17)
    - PIX Books Shimon Silberschlag (Oct 22)
    - Re: PIX Books Josh Welch (Oct 22)
    - Re: PIX Books greg padden (Oct 22)
    - Re: PIX Books Matthew Powell (Oct 25)
    - RE: PIX Books sci-admin (Oct 30)
    - RE: PKI is the pits? Eugene Kuznetsov (Oct 22)