In a message written on Wed, Jun 20, 2012 at 06:37:50PM -0400, 
valdis.kletni...@vt.edu wrote:
> I have to agree with Leo on this one.  Key management *is* hard - especially
> the part about doing secure key management in a world where Vint Cerf
> says there's 140M pwned boxes.  It's all nice and sugary and GUI-fied and
> pretty and Joe Sixpack can do it - till his computer becomes part of the 140M
> and then he's *really* screwed.

I'm glad you agree with me. :)  

That's no different than today.  Today Joe Sixpack keeps all his
passwords in his browser's cache.  When his computer becomes part of the
botnet the bot owner downloads that file, and also starts a keylogger to
get more passwords from him.

In the world I propose, when his computer becomes part of the botnet
they will download the private key material, same as before.

My proposal neither helps nor hurts; the problem of Joe Sixpack's
machine being broken into is orthogonal and not addressed.  It needs to
be, but not by what I am proposing.

-- 
       Leo Bicknell - bickn...@ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
