Policy-Discussion

[Ian G <iang AT cacert.org>]

On 28/05/2014 12:27 pm, Eva Stöwe wrote:
> Dear Ian,
>
>> You might be able to construct an argument that "big companies" should
>> be able to share .. but I prefer to view it as naked power.  Big
>> companies can get away with stuff that small people can't.  Which
>> therefore causes me personally to invoke the anti-discrimination
>> clause;  so if a big Belgian company can share the world's secrets
>> without impunity then we have to do something other than just write
>> empty words which only apply if and when we have small victims.
> do I understand you right?
>
> There are rules that forbid something. Someone manages to get away. You
> are angry about this and now you say the rules should go, because there
> was someone who got away?

?  No, not sure where that came from.  My point was probably that rules
should be seen within a context of what most people did; not what some
experts think is right.  We have to protect our own against
insecurities.  Sometimes rules are those insecurities.


> Yes, one should do more. What about setting an example that one would
> not like to tolerate it? Even to be loud about it?

? Be loud about the fact that a Belgian company spilled the secrets of
the world's transactions?  Yeah, did that.  Do more?  Set an example?

I don't follow this train of thought.


> (There is a lot more people can do and maybe even try to do, but that is
> not the point of this discussion.)

Which is?


>>> Now for another gedankenexperiment. Consider you have a big company who
>>> issues some certificates to their employees with which those employees
>>> should communicate to keep the business secrets secure. Than you learn
>>> that one of your employees has shared his key with an employee of a
>>> rival and the rival beats you in a competition and you lose big numbers
>>> of money because of the rival knew what you planned and where your weak
>>> points where. I think you would sack said employee and you would sue him
>>> for this. You probably would win this case,
>> On the facts above, yes.  The security involved protecting the business
>> secrets.  The act of the employee was designed to defeat that purpose.
>>
>> It does not meet CCA 2.5-4.
> Correct, there was no CCA involved and CAcert was not involved anywhere. ;-)

Then, what's the point?


>>> So even if one country declares that one has to share everything with
>>> them, this will be illegal everywhere else and following this can lead
>>> to quite harsh legal issues everywhere else.
>>>
>>> Sharing keys and by this secrets (even "unimportant" details can make a
>>> big difference) is banned more or less in every context and one has to
>>> expect harsh punishment for it.
>> CCA requires you to secure your private keys, and specifically brings in
>> the risks of others, making this quite broad.  It uses the word 'secure'
>> because it is tied to the semantics or high level meaning of what you
>> are trying to really protect.
>>
>> It doesn't list any particular precautions because that is too hard to
>> do in CCA.  E.g., there is no requirement in CCA to use a HSM or a
>> keyfob or a password, even.
>>
>> For the same motive, it doesn't say "don't share keys" because "sharing"
>> is a complicated issue.  If I put my key on a HSM and I share the HSM,
>> have I shared the key?
> Bennys proposal does not say "don't share keys" as well:
>
> "to secure your private keys, ensuring attributability to their intended
> context,"

Is that it?  Can we see it in context?


> There are no particular precautions named. The new point introduced is
> that one should aim for the keys not leaving the context they are issued
> for.
>
>>> Why should it be different within CAcert? Why should we state that we
>>> allow to do so - with only saying "should not"?
>> It's not the case that sharing keys is banned under all or even most
>> circumstances;  indeed there are specific provisions in the CP/CPS where
>> the sharing should be defined.
> Yes, the proposed change takes this into account.
>

OK, can we actually see the text of the proposed change?  I skipped back
a few emails and can't see it.



iang