Re: Global PKI on DNS?

[Keith Moore <moore@cs.utk.edu>]

> > and also provided people don't say "hey, now there's a PKI, so I really can
> > trust it!"
> 
> Are people saying that with existing PKIs?  Regardless, is that really
> a technical problem with a technical solution?  Or is it a
> social/educational problem with a social/educational solution?  Keep
> in mind how bad it is to try to cross solution-spaces.

I don't think it's productive to try to completely separate the two, 
as they go hand-in-hand.  Many security problems stem from mis-application
of and/or investing too much trust in security technologies.  Depending 
on how you look at this this could either be a technical problem
(the technology doesn't meet the requirements) or a educational problem
(the limitations of the technology should have been respected).

Realistically, I think we need to recognize that people will want to be
able to invest a lot of trust in something that looks like a global PKI -
especially since the global PKI has long been a sort of Holy Grail that
would someday save us all when it was finally discovered.  If what is 
being proposed is not that trustworthy, and assuming that a technology
that meets some lesser goal is worth implementing for is own sake
(it's not clear to me at this point) then it would be a good idea to find
a better way to market it.  Otherwise it will be deemed a failure 
either because people were expecting a global PKI and we didn't deliver,
or because people tried to place more trust in it than was warranted
and got burned.  Neither of these seems to promote security.

Sadly, I don't think that engineering efforts on things that will affect
large numbers of users can ignore public perception and still be successful.

Keith