Failing better
Ever tried. Ever failed. No matter. Try again. Fail again. Fail better.
Samuel Beckett, Worstward Ho
Many technologies sound promising, but turn out to be less useful in practice. Public-key infrastructure (PKI) is a good example of this. There were some very smart people involved in the development of the standards that define how PKI operates, but this wasn’t enough to guarantee the success of the technology. It failed miserably when it encountered some of the real-world problems that its designers didn’t anticipate.
There’s now an effort being organized to create the next-generation PKI. It will be a Research Group (RG) in the IRTF, the Internet Research Task Force, a body closely aligned with the IETF, the group that creates the standards defining how the Internet operates. Here’s part of the proposed charter of this new group:
The PKI Next Generation (PKING) Research Group will look into alternate certificate formats, semantics, and PKI services that could eventually replace PKIX if deployed. The PKING design work will be from the perspective of maximizing utility for the relying party and the identified party; issues of what would be best for certificate authorities will be given much less priority.
Given this perspective, the design work will need to take into account how users could transition from PKIX to an eventual new PKI. Different design decisions could make this transition more or less easy, and such decisions need to be explicitly laid out. Designing a PKI that would be nearly impossible to use by current PKIX users would be considered a failure of the PKING RG.
The PKING RG will first develop a detailed list of desired features for a next-generation PKI. The resulting list will explicitly exclude the format for certificates or the design of protocols to meet the desired features. It is hoped that the RG can agree to one list, but if there is sufficient interest in having multiple lists, they will be permitted as long as each list gets significant review from the RG as a whole. The creation of this list or lists is expected to be a multi-year task.
After the feature list is created, the PKING RG will develop one or more experimental instantiations of PKIs based on the desired features. This development will include extensive evaluation of how different formats, semantics, and protocols meet the requirements, particularly the requirement for a sensible transition from PKIX to the new format and protocols. The PKING RG may develop proposals as input to the IETF for standardization, but that is not a primary goal of this research.
The research challenges expected to be faced by the PKING RG include devising a taxonomy for PKI that is based on maximal utility for a wide variety of users; avoiding features whose genesis derives from the semantics of PKIX rather than the general use cases for PKI; and determining how to evaluate differences in transition strategies given that such a transition has never taken place on the Internet. The IRTF is more amenable to this type of research than, say, the IETF, where a single "requirements document" would be expected to be finished in a short period of time and a single protocol would be expected to emerge by group consensus.
This certainly looks like a useful goal, but the people who are going to take part in this effort are probably the same ones who worked on the first set of PKI standards. If the PKING RG succeeds, the IETF will probably create new standards that can be used to implement the new architecture. But because the same people who created the PKIX standards will be involved in this work, I wouldn’t expect these to be very useful either. The next-generation PKI will probably fail again, although it may fail better than the first generation did.