"We also need to take advantage of mobile computing technology. Secure key exchange has to occur through tamperproof channels... The rest of this proposal assumes that we can trust the hardware we own. This is a known-false assumption, and an urgent problem, but solving it is something that will have to be handled via other efforts."
But wait, the smartphone is not a tamperproof channel, and this borks the proposed scheme. Unless you've rooted your mobile, it is subject to remote control by the vendor. The attack mode would be swapping a public key, then you're talking to someone other than whom you think you're talking to.
A desktop or mobile, running "Free" software, can be in practice secure enough for reasonable trust, but not a captive phone.
Kudos on the effort to get WoT going, tho - we really need it as the CA scheme has been a house of cards.
Just a quick note, but rooting your phone does nothing to confirm or guarantee that you're untamperable. There are many binary blobs on the SoCs (like Qualcomm things) that are present regardless of whether or not you control the root account.
"Unless you've rooted your mobile, it is subject to remote control by the vendor."
... in fact, even if you have rooted your mobile, depending on the baseband processor and how it is implemented, the carrier may still have complete control - as in, DMA control - of your device.
A desktop or mobile, running "Free" software, can be in practice secure enough for reasonable trust, but not a captive phone.
Yeah, but there's a reason why rms uses a MIPS laptop; it's extremely difficult to find a full machine that can run completely on Free Software, and the non-free parts are often critical (kernel-level drivers and firmware).
"We also need to take advantage of mobile computing technology. Secure key exchange has to occur through tamperproof channels... The rest of this proposal assumes that we can trust the hardware we own. This is a known-false assumption, and an urgent problem, but solving it is something that will have to be handled via other efforts."
But wait, the smartphone is not a tamperproof channel, and this borks the proposed scheme. Unless you've rooted your mobile, it is subject to remote control by the vendor. The attack mode would be swapping a public key, then you're talking to someone other than whom you think you're talking to.
A desktop or mobile, running "Free" software, can be in practice secure enough for reasonable trust, but not a captive phone.
Kudos on the effort to get WoT going, tho - we really need it as the CA scheme has been a house of cards.