[messaging] PKI is dead

Trevor Perrin trevp at trevp.net
Fri Jan 23 15:05:49 PST 2015


Hi,

Are we just discussing website login and Web PKI here?

If there's no direct connection to end-to-end secure messaging, could
people discuss this elsewhere?

Trevor


On Fri, Jan 23, 2015 at 1:01 PM, Tony Arcieri <bascule at gmail.com> wrote:
> On Fri, Jan 23, 2015 at 1:57 AM, U.Mutlu <for-gmane at mutluit.com> wrote:
>>
>> Back to the roots: hashed pw over MITM-safe sessions (SRP, SPEKE etc, ie.
>> PAKE).
>
>
> These aren't MITM safe. They're TOFU. They have no way to authenticate the
> server.
>
> When you enroll a PAKE account, if you're talking to a MITM server, you're
> toast. The MITM can then enroll with the real service on your behalf and
> transparently proxy everything through, except the MITM will have the real
> credentials, and your credentials will only work with the MITM.
>
> Also: passwords suck and need to go away.
>
> --
> Tony Arcieri
>
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
>


More information about the Messaging mailing list