Eric Rescorla wrote:
> At Mon, 21 Jul 2008 05:44:25 +0100, Ben Laurie wrote:
>> Eric Rescorla wrote:
>>> So, I'm not saying that l-o-f will necessarily work here, but I don't think it's necessary to prompt the user. Rather, you can just accept the first key you see...
>> And prompt them when it changes?
> Good question. Probably retry via the original channel. I agree it's not a real adequate answer...
This is the pervasive question for almost all security schemes. How does a client system establish, and then "maintain", trust in a remote party which you (the designer, with your opinion perhaps reflected in a "policy") assume to be equipped with more skills in IT security management?
DNSEXT revisits this question because ... because what, I don't know. Actually the question belongs to the IT security community of experts which never addressed the question for what it is, i.e. pervasive for almost all security schemes.
Thanks to Eric for joining the discussion and bringing it to this point.

--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada H2M 2A1
Tel.: (514)385-5691
Fax: (514)385-5900
web site: http://www.connotech.com
e-mail: thierry.moreau@connotech.com
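The leap-of-faith exchange quoted above ("accept the first key you see", and on a change "retry via the original channel") can be made concrete with a small pin store. This is an added example, not code from the thread or from any DNSEXT draft; `PinStore`, `verify_with_fallback` and the `original_channel` callback (a hypothetical hook standing in for whatever bootstrap channel the client first learned the name from) are assumptions of the example, and the point it makes is that a changed key is never silently re-pinned.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional


def key_fingerprint(pubkey: bytes) -> str:
    """SHA-256 hex digest of the raw public key bytes; this is the value pinned."""
    return hashlib.sha256(pubkey).hexdigest()


@dataclass
class PinStore:
    """name -> fingerprint learned on first contact (leap of faith)."""
    pins: Dict[str, str] = field(default_factory=dict)

    def check(self, name: str, pubkey: bytes) -> str:
        fp = key_fingerprint(pubkey)
        known = self.pins.get(name)
        if known is None:
            self.pins[name] = fp      # first sight: accept and remember, no user prompt
            return "first-contact"
        if known == fp:
            return "match"
        return "changed"              # never overwrite here; the caller decides what to do


def verify_with_fallback(store: PinStore, name: str, pubkey: bytes,
                         original_channel: Callable[[str], Optional[bytes]]) -> str:
    """Answer to "and prompt them when it changes?": on a changed key, re-fetch the
    key over the original (bootstrap) channel rather than asking the user.
    `original_channel` is a hypothetical hook returning that channel's key or None."""
    outcome = store.check(name, pubkey)
    if outcome != "changed":
        return outcome
    fresh = original_channel(name)
    if fresh is None:
        return "unverified"           # fallback channel unavailable: keep old pin, do not trust
    if key_fingerprint(fresh) == key_fingerprint(pubkey):
        store.pins[name] = key_fingerprint(pubkey)   # rekey confirmed out of band: update pin
        return "rekeyed"
    return "mismatch"                 # presented key disagrees with both the pin and the channel
```

A "mismatch" or "unverified" result is the detection point a resolver or client should log and act on; the old pin stays in place until the change is confirmed.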