ZUI and the Skype PKI
Hi, I’m Kurt Sauer, Skype’s CSO. Over the coming weeks, I’d like to talk about some of the different security features in Skype and where we’re going with them. This month (February 2006) marks my second year here, which, in Skype-years, is nearly an eternity. Over that time, we’ve been able to put on the street one of the largest functional PKI-based communications systems in the world, so I thought that talking about PKIs would be a good starting point.
While I suppose it isn’t the most glamorous piece of our products, the Skype PKI (public key infrastructure) is an important component of what makes Skype work. Last year, Brad Templeton described Skype’s PKI as a ZUI (Zero User Interface) system. (I liked the way he put it so much that I still have the original article bookmarked.)
]]>We didn’t do anything particularly revolutionary in terms of designing the PKI, but what was an important step forward was to design the PKI into every aspect of the Skype product, from the user interface right down to the underlying session layer. Yet, I don’t think anyone could claim that Skype’s PKI is hard to understand or hard to use. It takes no particular technical prowess to use Skype, to make a new account, to search its directory, or to figure out who you’re talking to.
Ease-of-use goes at the top of the list?
One way people often measure the security of a service is through the three axes represented by the terms Confidentiality, Integrity and Availability. There are several components of Skype that work together to ensure delivery of protection along these three axes. However, the best designed system will fail if users simply don’t use it. That’s why ease-of-use is such an important design criteria for Skype’s PKI.
I tried to get my tech-savvy septuagenarian mom to use digitally signed e-mail a while back. You know: buy a digital certificate to enable S/MIME, install it in the mail client, set the default settings, and everything should work. And it did, for a while. Then a mail client update reset the S/MIME settings. Then the certificate got deleted. Then the replacement certificate expired and had to be renewed. Bottom line, she doesn’t sign her e-mails today and therefore can’t accept S/MIME encrypted e-mails either.
So I’m mighty happy that Skype is able to deliver to every single user a PKI experience that is robust and well-integrated. (I’m going to talk about Skype cryptography and some of the other related security stuff in a later posting.)