[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificates/Anonymity/Policy/True Names



At 6:47 PM 8/18/95, Michael Froomkin wrote:
>I have a question which is of course purely hypothetical.
>
>Suppose you were designing the legal framework that would govern the
>operation of Certification Authorities (the people who issue certificates
>vouching for public keys used for digitial signatures), called CAs for
>short.  The CAs will operate in a hierarchical model (not a
>PGP-web-of-trust model), with a state agency being at the root, and
>issuing certificates for private CAs.

I don't see any basis for having a state agency as the root...lots of
things that are grounded in law have no origin/connection to the state.
But, I'll assume your hypothetical (though I think the assumption that
government = root leads down a dangerous path).

>You have decided to allow the private CAs to issue certificates of varying
>degrees of corroberation so long as the degree of verification used is
>deducible from the certificate.  E.g. a certificate might say "we check
>the passport"; or "we check driver's license" or "we took blood, hair,
>fingprint, retinal scan and first-born child".  It might even say "we
>checked nothing".  You have also decided that a CA may issue a certificate
>in the name of a pseudonym, so long as the CA retains information about
>the True Name.  Now the issue arises as to whether one should allow the CA
>to issue certificates to pseudonyms where it has *no record* of the real
>identity of the person proffering the key pair.

It all depends on what the purpose of certification is in the first place,
and whether alternative heierarchies of certification exist outside the one
that has government as root. For example, I may instantiate many keys for
use in experiments, or as agents in a market microworld, and I may "vouch"
for them.

These "agents" have no True Name, are not persons, but still have varying
levels of certification  (to me, at least)

A company may even have multiple agents. Multiple departments, multiple
users, etc.

The web-of-trust model, which, loosely phrased, says "I say I believe this
is the key of so-and-so, and you can believe me or not. We don't need no
steenking badges!" The beauty of this is that any person or program can
generate lots and lots of keys, for experiments, agents, etc.

Now if it is desired to have the "legal system" mesh with this
certification process, the governemnt is still not needed. Contract law
suffices. If the Alice Corporation claims the Bob Company signed a document
with a fraudulent key )or whatever the scenario might be), then each side
can present in a court what the contracts they agreed to said and what the
facts were.

This happens all the time, though "I am not a lawyer," in disputes about
whether a contract was signed properly, about whether the signer had the
right authority, etc. And it is apparently not necessary to have the
"state" establish itself, for example, as the keeper of signatures.

I concede that there is a path back to the legal "is-a-person" status of
parties, such as credentials for identity.

In cases involving software agents and "virtual persons" (which is where
key certification tends to come in), a stipulation can be made that a Real
Person is to be involved in the loop.


>Is there any reason why a person would want such a certificate?  In other
>words, given that the recipient of a digital signature will easily be
>able to check the value of the certificate (nil), won't the
>transaction/communication be in all ways identical to one where there was
>no certificate at all.  So is anything of value lost by prohibiting such
>a certificate?

So long as I am not prohibited from getting together with others (on a list
like our, in a corporation, with offshore folks, etc.) and setting up our
own system--of whatever nature--then I suppose it doesn't matter.

But you ask "So is anything of value lost by prohibiting such a certificate?"

Well, why prohibit something unless a real and compelling problem exists?
it might turn out to be very useful to have certificates even for keys that
belong to entities or agents that have no True Name attached to them. I've
given some examples, and can think of more.


--Tim May


---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May            | Crypto Anarchy: encryption, digital money,
[email protected] (Got net?)  | anonymous networks, digital pseudonyms, zero
408-728-0152              | knowledge, reputations, information markets,
Corralitos, CA            | black markets, collapse of governments.
Higher Power: 2^756839    | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."