[OT] Re: Trust

NdK ndk.clanbo at gmail.com
Sun Apr 21 10:11:27 CEST 2013


On 19/04/2013 00:18, Jay Sulzberger wrote:
> 1. Is the stack used for credit card use over the Net sufficiently "secure"?
> Indeed this question is ill defined: "secure" for what, against what?
Just cryptographically secure: the data you send "cannot" be read by
others except the server. That, obviously, tells you nothing about:
- who runs the server
- if the server has been hacked
- what will the "current owner" of the site do with your card data

When you trust a certificate, you're assuming that the CA that signed it
actually did some checks, but have you actually ever read a CA's policy?
The check could simply be that whoever is requesting the certificate can
read the mail associated with that domain in the DNS...

> 2. In what ways does the problem of email encryption differ from
> the problem of encrypting credit card and other money-valuable
> data in transit, with http as the transport protocol?
For example, you usually want to be able to read your mail "forever"
after you received it, but you aren't interested in "replaying" a TLS
session (except for debug purposes in a controlled environment): if you
need to see the movements list on your CC, you just open a new
connection to the bank and get an updated page.

> 3. If the stack used for credit card use over the Net is good
> enough for most purchases, could we use a similar stack to secure
> email in transit?  In particular, could we use a similar stack,
> with a similar ease of learning and ease of use, as perceived by
> most of the people who today buy stuff using a credit card over
> the Net?
Just for mail "in transit": servers can use TLS to encapsulate mail
protocols instead of http. Mail remains cleartext when saved locally.
Or you can add another layer to achieve end-to-end security, given that
"somehow" you know the other party's public key.
That "somehow" might be x509 certs or GPG keys or anything else, and the
level of trust you give it depends on many factors. But to know how much
you can trust it, you have to know roughly how it works -- every system
can be abused, and the friendlier, the simpler to abuse.

Remember that even a registered commercial activity (that could pass
Extended Validation) can be a scam (recent first-hand experience...).

BYtE,
 Diego.
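
Added example, not part of the message above: a Python sketch that reads a stored message's Received trace headers to show that TLS on mail protocols is a per-hop property, and checks separately for an end-to-end OpenPGP layer. The sample message, hostnames and addresses are constructed; Received headers are written by each relay and can be forged by earlier hops, so the result is a hint, not proof.

```python
import email
import re

# "with" protocol keywords that indicate the hop ran over TLS (RFC 3848).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message: two hops, only the final (topmost) one used TLS.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.example.org with ESMTPS id abc123;
\tSun, 21 Apr 2013 10:11:30 +0200
Received: from laptop.example.net (laptop.example.net [192.0.2.55])
\tby mx.example.net with ESMTP id def456;
\tSun, 21 Apr 2013 10:11:28 +0200
From: alice@example.net
To: bob@example.org
Subject: order

The order total is 42 EUR.
"""


def hop_protocols(raw):
    """Return [(protocol, used_tls)] per Received header, newest hop first."""
    msg = email.message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        match = re.search(r"\bwith\s+([A-Za-z0-9]+)", value)
        proto = match.group(1).upper() if match else "UNKNOWN"
        hops.append((proto, proto in TLS_PROTOCOLS))
    return hops


def body_is_pgp_encrypted(raw):
    """True for PGP/MIME (multipart/encrypted) or an inline armored message."""
    msg = email.message_from_string(raw)
    if msg.get_content_type() == "multipart/encrypted":
        return True
    payload = msg.get_payload()
    return isinstance(payload, str) and "-----BEGIN PGP MESSAGE-----" in payload


def assess(raw):
    hops = hop_protocols(raw)
    return {
        "hops": hops,
        "all_hops_tls": bool(hops) and all(tls for _, tls in hops),
        "end_to_end": body_is_pgp_encrypted(raw),
    }
```

For the sample, one hop is reported without TLS and the body is stored as cleartext, which is the gap the end-to-end layer closes.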



More information about the Gnupg-users mailing list