A security researcher was able to revoke a third party's Symantec certificate by presenting a fake private key.
https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html
Symantec have at least acknowledged that this is a problem.
https://www.symantec.com/connect/blogs/third-party-revocation-updates
... but seriously, why do we even still have PKI? Shouldn't DNS registrars be the ones signing certs.After all, that's *all* a cert means, that you own a domain.
@natecull Well one thing's for sure, we ought to kill the CA cartel. Let's Encrypt is a start, but the entire design is wrong.
So we know the goal... Like DNS, finding a proper solution is still a WIP :)
@cwebber This is where I wish we had a generalised 'key space' of some kind: eg, a namespace like DNS but where registering a name means you have a private key for that name.
But I guess there's a whole huge legal minefield around any kind of human readable names involving trademarks, libel law, hate speech etc, etc. And the problem of assigning 'root of trust' to the namespace root when we have no rational grounds to trust either nation-state or corporate level players.
@natecull We have possible solutions in progress!
So I'm convinced the DID spec (Decentralized Identifiers) is the right general "container" for these, though it's still WIP... see: https://opencreds.github.io/did-spec/
That's a bit general, and can be layered on top of a blockchain or DHT, with differing tradeoffs (basically, should objects be able to be garbage collected / disappear?)
@cwebber This looks interesting!
I'd MUCH rather any kind of DHT than any kind of blockchain - I think proof of work is a demonstrably failed mechanism which didn't accomplish any of the goals it set for itself and now is just a barrier to scaling and efficiency and, ironically, distributed hosting.
@natecull I'm wary of the blockchain approach myself (though note that you wouldn't need the kind of boil-the-ocean mining you have in bitcoin for this to work) and also think DHTs are a better route; what we need is a system to incentivize "archivists" to hold on to peoples' lightweight identifier objects.
@natecull I suspect Internet Archive would be super behind supporting that kind of thing
@cwebber Maybe I'm underthinking this, but it seems to me that there shouldn't be a *whole* lot of infrastructure needed to publish a lightweight crypto ID (petname and public ID pair):
like, literally just publish it as a signed update by the 'parent name space provider'.
and then the requester can check that 1, it is correct and 2, that it never changes. Boom, done.
But as I said, maybe I'm underthinking this. Probably the super hard part is deletion/update/cancellation?
@natecull Heh, you hit the nail on the head with your last sentence. You may have seen me writing up my "minimalist storage/identity" system last week, and the response was talking to the DID people (and I'm convinced now they're right) is the challenge is in revocation / migration / etc of keys.
Given that, I think the Decentralized Identifiers structure isn't so large, and does seem very general! You can read it in about 30-45 minutes.
