Minimal PKI infrastructure: seeking collaborator(s)

This is a shameless violation of the official purpose of the meeting. I am seeking collaborators for my hobby horse. Please ignore it if you don't like it.

I would like to experiment with a minimal infrastructure to support applications of public cryptographic keys. "Minimal" means that the infrastructure doesn't try to solve any particular problem for any particular use case. Rather, it tries to provide functions that appear to be required for nearly all possible uses of public cryptographic keys, and that need to be provided uniformly for full value.

I believe that such an infrastructure service may be supported by existing DNS software, with some scripts for automated anonymous unverified registration of domain names at some arbitrarily low level (no new top or 2d-level DNS registration is required). In particular, the service requires no administrative effort at all per key registration.

The basic idea is to distribute, quite promiscuously, [public-key, IP#] pairs in response to queries indexed by (hashes of) the public-keys. No trusted party will sign the pairs (they may be signed by the owner of the key in the pair, or that signature may be provided through communication with the IP#).

Here is some more information in some papers in various states of disarray.

It appears that essentially every application of public cryptographic keys requires a simple, easy to find, distributor to link keys and addresses for communication. The raw (hashed) keys may already be useful as permanent non-mnemonic identifiers for agents whose IP#s may change over time. At the next level, they may be used to establish that a sequence of signed transactions involve the same agent, whose reputation may be established by her behavior in that sequence. At a higher level, other servers may provide more or less authoritative and reliable links between the public-key identifiers and other representations of identity, or qualifications on agents. These last services are likely to be expensive in human administration, and they can be reserved for transactions where they are really needed.

What I need:
  1. a co-author to help get the next paper out the door (a neurological problem prevents me from concentrating long enough to write it);
  2. a site willing and able to support a DNS server with scripts for the automatic anonymous unverified registration of keys.

Views: 66

Reply to This

Replies to This Discussion

Let's talk about this. It's something I've done on the periphery on my research in terms of certifications and granularities of trust.
You might check Nico Williams's work in the IETF BTNS WG. The goal is to remove the need for PKI from some layers of the stack, and to allow layers of the stack to couple to others that have PKI. That avoids per-layer PKI needs.

The keywords are "IETF BTNS" and either "connection latching" or "channel binding" (or both).

There have been various efforts to use the DNS as a place to store PKI info, called "opportunistic encryption" in FreeS/WAN. (Skip the Wikipedia article on this; it's not quite correct AFAICT).
Thanks for the tip. I will definitely look into William's stuff and FreeS/WAN.

For clarification: my proposal has nothing whatsoever to do with the protocol stack, nor does it support any use of the keys. It only distributes them.

Joe Touch said:
You might check Nico Williams's work in the IETF BTNS WG. The goal is to remove the need for PKI from some layers of the stack, and to allow layers of the stack to couple to others that have PKI. That avoids per-layer PKI needs.
The keywords are "IETF BTNS" and either "connection latching" or "channel binding" (or both).
There have been various efforts to use the DNS as a place to store PKI info, called "opportunistic encryption" in FreeS/WAN. (Skip the Wikipedia article on this; it's not quite correct AFAICT).

Reply to Discussion

RSS

© 2017   Created by David Clark.   Powered by

Report an Issue  |  Terms of Service