Re: (no subject)

From: opentrax@email.com
Date: 01/14/01


Date: Sun, 14 Jan 2001 01:49:24 -0800 (PST)
From: opentrax@email.com
To: ftobin@uiuc.edu


On 14 Jan, Frank Tobin wrote:
> Crist J. Clark, at 16:50 -0800 on Sat, 13 Jan 2001, wrote:
>
> I am not sure I understand your argument here. I your system, how does
> the _user_ authenticate himself? Biometrics? HW token? Smart card?
> Really, no passwords?
>
>...[Trimmed]....
>
> One key idea is to leave the strength of the security as much up to the
> user as possible. With passwords, however, the user has to worry about
> both ends being compromoised (his end, and the server's end); if the
> server is compromised, and his password gotten, this might be used against
> him other places. With public-key authentication, he only has to worry
> about his end; if the server's end is compromised, the user's security is
> compromised little.
>
The concept you present "leave the strength.. up to the user.." is
sound. As a matter of fact, one security concept worth noting is,
"the person damaged - should be the person responsible". However,
your argument for PKA shows a flaw in assuming that the PKA
offer some type of protection if the server is comprimised.

If the server is comprimised, then *any* schenario must make
certain assumptions. Hence, the-man-in-the-middle schenarios/attacks.

I should also state that arguments on this level are nothing
more than vicious circles. Even a deep analysis will lead back
to other weakness. That is, weaknesses not associated with
PKA, SSH or the client/server.

                                Best Regards,
                                Jessem.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages