OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

emergency-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Fwd: Re: [CAP] Then Again... (was Re: CAP Security UsingDigitalSignatures)

...
>X-Provags-ID: V01U2FsdGVkX1/wOxIUnjbwHy2JzzXUgIGVjlpLV2yb4OiHTZkn80
>	ElYMKFLwzeeKSO
>From: "Hannes Tschofenig" <Hannes.Tschofenig@gmx.net>
>To: "'Art Botterell'" <acb@incident.com>,
>	<cap-list@lists.incident.com>
>Date: Thu, 12 Mar 2009 23:11:01 +0200
>Thread-Index: AcmjVNtiQzITaJ5ORimIxcf69zRfLQAATPCA
>X-Y-GMX-Trusted: 0
>X-FuHaFi: 0.61
>Subject: Re: [CAP] Then Again... (was Re: CAP Security
>	UsingDigitalSignatures)
>X-BeenThere: cap-list@lists.incident.com
>List-Id: Common Alerting Protocol Public Discussion
>	<cap-list.lists.incident.com>
>List-Unsubscribe: <http://lists.incident.com/mailman/options/cap-list>,
>	<mailto:cap-list-request@lists.incident.com?subject=unsubscribe>
>List-Archive: <http://lists.incident.com/pipermail/cap-list>
>List-Post: <mailto:cap-list@lists.incident.com>
>List-Help: <mailto:cap-list-request@lists.incident.com?subject=help>
>List-Subscribe: <http://lists.incident.com/mailman/listinfo/cap-list>,
>	<mailto:cap-list-request@lists.incident.com?subject=subscribe>
>Sender: cap-list-bounces@lists.incident.com
>X-Nonspam: Statistical 58%
>
>Hi Art,
>
>>On Mar 12, 2009, at 3/12/09 1:17 PM, Hannes Tschofenig wrote:
>>>  What does it mean if you have authenticated the message sender? 
>>>  Would this tell the user a lot?
>>
>>It would indeed.  For human recipients the credibility of the
>>source is one of the chief factors in warning message
>>effectiveness.  And do we expect automated systems to sound
>>sirens or interrupt broadcasts or ring cellphones without
>>being able to determine that the message is intact and
>>authentic and verifiably from a source that can be held
>>accountable?  Not likely.
>
>Most systems (even the systems that are being standardized today) are based
>on the assumption of hop-by-hop security).
>
>No digital signature does not mean no security; just means different
>security mechanisms.
>
>>
>>>  If you cannot verify the signature do dump the message?
>>
>>Depends on the circumstance, but in many cases (see above) the
>>answer would be "yes"... if a message can't be attributed to a
>>particular source, or if that source isn't considered
>>authoritative according to 
>>the recipient's own policy, then that message may well be ignored.  
>>Depends on the costs of a "false positive"... for something
>>like a server outage alert, they may be low and such
>>safeguards excessive, but for a large-scale public warning
>>application they're politically essential.
>>
>>As for a PKI... we've been experiencing a chicken-and-egg
>>deadlock for a number of years now.  Without implementations
>>that use digital signatures, there's been no demand for a PKI.
>>  And many implementers have been waiting for someone to
>>establish a PKI before they start developing such
>>implementations. Fortunately, it's possible develop and
>>demonstrate such implementations on a limited scale without
>>requiring a full-blown PKI, so that's the end of the string I
>>suggest we tug on first.
>>
>>Personally I'd very much like to see a membership-based
>>organization like COMCARE take the lead in deploying a PKI for
>>public safety users.  But we don't have to wait for the
>>perfect before we experiment with the good.
>
>Sure, it would be nice to have those things in place but getting there is
>tough.
>If you use the trust anchors already available in the browser then you could
>deploy something that may work but obviously you wouldn't get the same
>guarantees as in a case where you have those entities distributing warnings
>also being accredited (for example, by COMCARE or ITU-T) in order to get a
>certificate.
>
>Ciao
>Hannes
>
>
>>- Art
>>
>>
>>_______________________________________________
>>This list is for public discussion of the Common Alerting
>>Protocol.  This list is NOT part of the formal record of the
>>OASIS Emergency Management TC.  Comments for the OASIS record
>>should be posted using the form at
>>http://www.oasis-open.org/committees/comments/form.php?wg_abbre
>>v=emergency
>>CAP-list mailing list
>  >CAP-list@lists.incident.com
>>http://lists.incident.com/mailman/listinfo/cap-list
>>
>>This list is not for announcements, advertising or advocacy of
>>any particular program or product other than the CAP itself.
>>
>
>_______________________________________________
>This list is for public discussion of the Common Alerting Protocol. 
>This list is NOT part of the formal record of the OASIS Emergency 
>Management TC.  Comments for the OASIS record should be posted using 
>the form at 
>http://www.oasis-open.org/committees/comments/form.php?wg_abbrev=emergency
>CAP-list mailing list
>CAP-list@lists.incident.com
>http://lists.incident.com/mailman/listinfo/cap-list
>
>This list is not for announcements, advertising or advocacy of any 
>particular program or product other than the CAP itself.


-- 
Rex Brooks
President, CEO
Starbourne Communications Design
GeoAddress: 1361-A Addison
Berkeley, CA 94702
Tel: 510-898-0670

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]