[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Fwd: Re: [CAP] Then Again... (was Re: CAP Security UsingDigitalSignatures)
... >X-Provags-ID: V01U2FsdGVkX1/wOxIUnjbwHy2JzzXUgIGVjlpLV2yb4OiHTZkn80 > ElYMKFLwzeeKSO >From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net> >To: "'Art Botterell'" <acb@incident.com>, > <cap-list@lists.incident.com> >Date: Thu, 12 Mar 2009 23:11:01 +0200 >Thread-Index: AcmjVNtiQzITaJ5ORimIxcf69zRfLQAATPCA >X-Y-GMX-Trusted: 0 >X-FuHaFi: 0.61 >Subject: Re: [CAP] Then Again... (was Re: CAP Security > UsingDigitalSignatures) >X-BeenThere: cap-list@lists.incident.com >List-Id: Common Alerting Protocol Public Discussion > <cap-list.lists.incident.com> >List-Unsubscribe: <http://lists.incident.com/mailman/options/cap-list>, > <mailto:cap-list-request@lists.incident.com?subject=unsubscribe> >List-Archive: <http://lists.incident.com/pipermail/cap-list> >List-Post: <mailto:cap-list@lists.incident.com> >List-Help: <mailto:cap-list-request@lists.incident.com?subject=help> >List-Subscribe: <http://lists.incident.com/mailman/listinfo/cap-list>, > <mailto:cap-list-request@lists.incident.com?subject=subscribe> >Sender: cap-list-bounces@lists.incident.com >X-Nonspam: Statistical 58% > >Hi Art, > >>On Mar 12, 2009, at 3/12/09 1:17 PM, Hannes Tschofenig wrote: >>> What does it mean if you have authenticated the message sender? >>> Would this tell the user a lot? >> >>It would indeed. For human recipients the credibility of the >>source is one of the chief factors in warning message >>effectiveness. And do we expect automated systems to sound >>sirens or interrupt broadcasts or ring cellphones without >>being able to determine that the message is intact and >>authentic and verifiably from a source that can be held >>accountable? Not likely. > >Most systems (even the systems that are being standardized today) are based >on the assumption of hop-by-hop security). > >No digital signature does not mean no security; just means different >security mechanisms. > >> >>> If you cannot verify the signature do dump the message? >> >>Depends on the circumstance, but in many cases (see above) the >>answer would be "yes"... if a message can't be attributed to a >>particular source, or if that source isn't considered >>authoritative according to >>the recipient's own policy, then that message may well be ignored. >>Depends on the costs of a "false positive"... for something >>like a server outage alert, they may be low and such >>safeguards excessive, but for a large-scale public warning >>application they're politically essential. >> >>As for a PKI... we've been experiencing a chicken-and-egg >>deadlock for a number of years now. Without implementations >>that use digital signatures, there's been no demand for a PKI. >> And many implementers have been waiting for someone to >>establish a PKI before they start developing such >>implementations. Fortunately, it's possible develop and >>demonstrate such implementations on a limited scale without >>requiring a full-blown PKI, so that's the end of the string I >>suggest we tug on first. >> >>Personally I'd very much like to see a membership-based >>organization like COMCARE take the lead in deploying a PKI for >>public safety users. But we don't have to wait for the >>perfect before we experiment with the good. > >Sure, it would be nice to have those things in place but getting there is >tough. >If you use the trust anchors already available in the browser then you could >deploy something that may work but obviously you wouldn't get the same >guarantees as in a case where you have those entities distributing warnings >also being accredited (for example, by COMCARE or ITU-T) in order to get a >certificate. > >Ciao >Hannes > > >>- Art >> >> >>_______________________________________________ >>This list is for public discussion of the Common Alerting >>Protocol. This list is NOT part of the formal record of the >>OASIS Emergency Management TC. Comments for the OASIS record >>should be posted using the form at >>http://www.oasis-open.org/committees/comments/form.php?wg_abbre >>v=emergency >>CAP-list mailing list > >CAP-list@lists.incident.com >>http://lists.incident.com/mailman/listinfo/cap-list >> >>This list is not for announcements, advertising or advocacy of >>any particular program or product other than the CAP itself. >> > >_______________________________________________ >This list is for public discussion of the Common Alerting Protocol. >This list is NOT part of the formal record of the OASIS Emergency >Management TC. Comments for the OASIS record should be posted using >the form at >http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=emergency >CAP-list mailing list >CAP-list@lists.incident.com >http://lists.incident.com/mailman/listinfo/cap-list > >This list is not for announcements, advertising or advocacy of any >particular program or product other than the CAP itself. -- Rex Brooks President, CEO Starbourne Communications Design GeoAddress: 1361-A Addison Berkeley, CA 94702 Tel: 510-898-0670
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]