Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] [Freedombox-discuss] FBX Server/Client Communication Model and Threat Modeling

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sat Feb 16 09:38:04 PST 2013


On 02/15/2013 10:25 PM, Nick M. Daly wrote:
>    For example, is it acceptable if the client's secret key be exposed
>    when the box is rooted by attackers?  (Probably not, but that does
>    let the host act as a trust proxy without relying on subkeys, or
>    other weird yet conceptually interesting trust models).

what's wrong with using subkeys or explicitly designating a trust proxy?
 it seems like the tradeoff (of having a rootable machine hold your
basic secret key identity material) is clear enough to make the use of
explicitly revokable proxies worth doing.

	--dkg



More information about the liberationtech mailing list