Re: [fw-wiz] The home user problem returns
From: Paul D. Robertson (paul_at_compuwar.net)
To: Chris Blask <firstname.lastname@example.org> Date: Tue, 13 Sep 2005 17:37:33 -0400 (EDT)
On Tue, 13 Sep 2005, Chris Blask wrote:
> Hey Paul!
> > > The problem is that, without any sort of identity (and there is
> > > exactly 0.0000% of net traffic using anything worth calling
> > > identity), it is impossible to treat Identified traffic and Anonymous
> > > traffic differently, as they logically deserve.
> >Two words: Identity Fraud.
> ?! (I'll never see that again without thinking of Scooby Doo -
> thanks, P Melson! ;~)
> Not sure where you were going with that, but my point is that I (as a
> network owner) can choose to treat Identified traffic with one (or
> more) level of trust and Un-Identified traffic with another
> (logically much lower) level of trust.
My point is that identification is *hard*- it's a boundary problem, and we
don't have a solid boundary. That means that abuse is easy- an attacker
will just come through as someone else, so everyone will be "identified,"
they just won't necessarily match their identification.
> I have to correct my "0.0000%" comment, as well. There is actually
> quite a lot of practical Identity being used on the net, *we* just
> have not provided much of it. Anyone who buys and sells on eBay or
> orders something online is using Identity to a level that is
> acceptable to the other party. As long as the level of fraud in
> these transactions is similar-to or lower-than the level of fraud in
> non-net transactions, then the methods they are using are correct.
> > > Decentralized, distributed responsibility. If I own an auth server
> > > then I am responsible for the activities of those who use it. If I
> >You're willing to be responsible for your user's behavior? After they're
> Sorry, incorrectly stated: I'm willing to be responsible for knowing
> who the real human is who has used my Identity service.
But you don't- you know who's credentials were used, and that's it.
That's pretty far from knowing who the user is.
> >Just like the encryption boundary problem that is the reason SSL is
> >severely broken as a concept, the use of identity can't be done in a
> >system that's not closed, and we don't have the methods, technologies or
> >wherewithall to close the software, transport and physical endpoints
> We use identity in the physical world in a way that allows us to
> function, with all sorts of weaknesses in that identity process
> (sure, put a picture on my credit card, no-one will look at it; my
> Mother's Maiden Name, are you serious!?!)).
> IMHO, the reaons we have no success as an industry in providing
> Identity on the net is that we search for a "DNA-Sample" level of
> verification. We don't do this in the real world but succeed in
No, I'm not advocating doing nothing if it's not perfect, I'm saying that
the proposal is lost because it has flaws that will surface more quickly
than they can be fixed. Trojans have rendered that not workable until we
tone down the Trojan problem, which is why this thread is important.
> moving trillions of dollars in assets back and forth every day. In
> my own Living With Chaos view of the world, complex problems are
> solved by dividing them into chunks until the pieces can be
> digested. If there aren't huge chunks of this problem that can be
> digested easily (look at eBay), then the beer is on me... :~)
The beer's on you anyway!
Paul "I can identify a beer donor a mile away" Robertson
Paul D. Robertson "My statements in this message are personal opinions
email@example.com which may have no basis whatsoever in fact."
firewall-wizards mailing list