summaryrefslogtreecommitdiff
path: root/c3/e4cb20649ef45c7d6bb04644f3291d00fc053d
blob: 542a61073ba2c5767ae2a4afd8dbc579ac61f815 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <melvincarvalho@gmail.com>) id 1V7ld9-0002Eg-0b
	for bitcoin-development@lists.sourceforge.net;
	Fri, 09 Aug 2013 12:17:19 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.219.48 as permitted sender)
	client-ip=209.85.219.48; envelope-from=melvincarvalho@gmail.com;
	helo=mail-oa0-f48.google.com; 
Received: from mail-oa0-f48.google.com ([209.85.219.48])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1V7ld5-0003Ov-Kk
	for bitcoin-development@lists.sourceforge.net;
	Fri, 09 Aug 2013 12:17:18 +0000
Received: by mail-oa0-f48.google.com with SMTP id o17so6621346oag.7
	for <bitcoin-development@lists.sourceforge.net>;
	Fri, 09 Aug 2013 05:17:10 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.60.144.8 with SMTP id si8mr266640oeb.97.1376050630265; Fri,
	09 Aug 2013 05:17:10 -0700 (PDT)
Received: by 10.76.23.9 with HTTP; Fri, 9 Aug 2013 05:17:10 -0700 (PDT)
In-Reply-To: <CANEZrP3fWbGAO3MSvAzicjPmPzUGVfSgxk_MnZNUhHzE7_9drg@mail.gmail.com>
References: <CANEZrP3w+pGVJijxLr1N6wQiqg4U=RUP3Mrph2=fwF+Ga_U9sQ@mail.gmail.com>
	<CAKaEYhLftC67Lrinc2yF0coqhJi_DpM4XvoXfBwJBGv=hFi3yQ@mail.gmail.com>
	<CANEZrP3fWbGAO3MSvAzicjPmPzUGVfSgxk_MnZNUhHzE7_9drg@mail.gmail.com>
Date: Fri, 9 Aug 2013 14:17:10 +0200
Message-ID: <CAKaEYhJSf7vt8WzBBY=qZhTNhdWeWu5kjyhcyidVfFUV1vxp-g@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Mike Hearn <mike@plan99.net>
Content-Type: multipart/alternative; boundary=e89a8ff2485502911004e382c1a3
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(melvincarvalho[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	1.0 HTML_MESSAGE           BODY: HTML included in message
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1V7ld5-0003Ov-Kk
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Idea for new payment protocol PKI
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 09 Aug 2013 12:17:19 -0000

--e89a8ff2485502911004e382c1a3
Content-Type: text/plain; charset=ISO-8859-1

On 9 August 2013 14:08, Mike Hearn <mike@plan99.net> wrote:

> Bitcoin sought to reduce dependence on trusted third parties, where as,
>> persona is increasing the reach of trusted third parties.  The keys and
>> passwords are stored on mozilla's servers, sometimes on your email
>> providers.  Persona, is however, a progression and will hopefully improve
>> its security and decentralization as it goes along.
>>
>
> When Persona is supported by all the key players in a transaction Mozilla
> doesn't get anything, do they? You can easily run your own IDP on a
> personal server if you're the kind of person who likes to do that, then run
> Firefox so you have a native implementation and the Mozilla servers aren't
> involved. The keys never leave your computers.
>

You'd need to run your own email server and/or change email address, which
is not in the reach of the average user, and maybe not even of some
businesses.


>
> Whilst X.509 certs can indeed be issued for any arbitrary string, you
> still need a CA that will do it for you, and that's typically not so
> trivial. CAs aren't meant for widespread end user adoption, really, whereas
> Persona is.
>

You can self sign X.509 certificates quite easily (e.g. one click via
<KEYGEN>), then rely on a decentralized web of trust to remove browser
warnings.  A few people are working on this.


>
> I don't think Persona is any more or less centralised than other PKIs,
> really, just easier to use. Ultimately the string you're verifying is a
> user@host pair, so the host is centralised via DNS and to verify the
> assertions it vends, you must use SSL to connect to it, so under the hood
> the regular SSL PKI is still there.
>
>
>
It is easier to use, that's a great plus.  But convenience is often a trade
off with security.

I dont user user@host, I use my home page because it's easy to dereference
and get a public key.  Email is hard to dereference.

Yes, there is a reliance on DNS, which Tim calls the 'Achilles heel' of the
web, but it's held up quite well so far (fortunately for us).

Mozilla also have a master key to most email accounts, so if anyone got
access to that they could impersonate the vast majority of users that have
not opted in.  I would not use persona for financial stuff, but if I made a
casual app with non sensitive information it would be one of the top
choices, imho

--e89a8ff2485502911004e382c1a3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 9 August 2013 14:08, Mike Hearn <span dir=3D"ltr">&lt;<a href=3D=
"mailto:mike@plan99.net" target=3D"_blank">mike@plan99.net</a>&gt;</span> w=
rote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_extra">=
<div class=3D"gmail_quote"><div class=3D"im"><blockquote class=3D"gmail_quo=
te" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"=
>
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">
<div>Bitcoin sought to reduce dependence on trusted third parties, where as=
, persona is increasing the reach of trusted third parties.=A0 The keys and=
 passwords are stored on mozilla&#39;s servers, sometimes on your email pro=
viders.=A0 Persona, is however, a progression and will hopefully improve it=
s security and decentralization as it goes along.<br>

</div></div></div></div></blockquote><div><br></div></div><div>When Persona=
 is supported by all the key players in a transaction Mozilla doesn&#39;t g=
et anything, do they? You can easily run your own IDP on a personal server =
if you&#39;re the kind of person who likes to do that, then run Firefox so =
you have a native implementation and the Mozilla servers aren&#39;t involve=
d. The keys never leave your computers.</div>
</div></div></div></blockquote><div><br></div><div>You&#39;d need to run yo=
ur own email server and/or change email address, which is not in the reach =
of the average user, and maybe not even of some businesses.<br></div><div>
=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;borde=
r-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div class=3D"gmai=
l_extra"><div class=3D"gmail_quote">
<div><br></div><div>Whilst X.509 certs can indeed be issued for any arbitra=
ry string, you still need a CA that will do it for you, and that&#39;s typi=
cally not so trivial. CAs aren&#39;t meant for widespread end user adoption=
, really, whereas Persona is.</div>
</div></div></div></blockquote><div><br></div><div>You can self sign X.509 =
certificates quite easily (e.g. one click via &lt;KEYGEN&gt;), then rely on=
 a decentralized web of trust to remove browser warnings.=A0 A few people a=
re working on this.<br>
</div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0=
 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div cl=
ass=3D"gmail_extra"><div class=3D"gmail_quote">
<div><br></div><div>I don&#39;t think Persona is any more or less centralis=
ed than other PKIs, really, just easier to use. Ultimately the string you&#=
39;re verifying is a user@host pair, so the host is centralised via DNS and=
 to verify the assertions it vends, you must use SSL to connect to it, so u=
nder the hood the regular SSL PKI is still there.</div>

<div><br></div><div><br></div></div></div></div>
</blockquote></div><br></div><div class=3D"gmail_extra">It is easier to use=
, that&#39;s a great plus.=A0 But convenience is often a trade off with sec=
urity.=A0 <br><br></div><div class=3D"gmail_extra">I dont user user@host, I=
 use my home page because it&#39;s easy to dereference and get a public key=
.=A0 Email is hard to dereference.<br>
</div><div class=3D"gmail_extra"><br>Yes, there is a reliance on DNS, which=
 Tim calls the &#39;Achilles heel&#39; of the web, but it&#39;s held up qui=
te well so far (fortunately for us).=A0 <br><br>Mozilla also have a master =
key to most email accounts, so if anyone got access to that they could impe=
rsonate the vast majority of users that have not opted in.=A0 I would not u=
se persona for financial stuff, but if I made a casual app with non sensiti=
ve information it would be one of the top choices, imho<br>
</div></div>

--e89a8ff2485502911004e382c1a3--