
Anonymous certificates


>Date: Fri, 18 Aug 1995 14:47:55 -0400 (EDT)
>From: Michael Froomkin <[email protected]>
>Subject: Certificates/Anonymity/Policy/True Names

>Now the issue arises as to whether one should allow the CA
>to issue certificates to pseudonyms where it has *no record* of the real
>identity of the person proffering the key pair.
>Is there any reason why a person would want such a certificate?  In other
>words, given that the recipient of a digital signature will easily be
>able to check the value of the certificate (nil), won't the
>transaction/communication be in all ways identical to one where there was
>no certificate at all?
>So is anything of value lost by prohibiting such
>a certificate?

There are definitely cases where something is lost by prohibiting
that kind of certificate.  For example, there may be cases where a
certified key gives someone some right that doesn't need any
further identification, such as a right to run up $100 in phone
bills, or a right to receive a year's subscription to cp-lite.  As
long as the person has paid for that right, who cares who he or she
is?  In other words, you may wind up sometimes binding a key to a
function, rather than a person.

>A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
>Associate Professor of Law | [email protected]
>U. Miami School of Law     |
>P.O. Box 248087            | It's hot here.  And humid.
>Coral Gables, FL 33124 USA |

   --John Kelsey, [email protected]
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
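
The reply above describes binding a key to a function rather than a person. The following is an added example, not part of the original message: a certificate that carries only a key and a right, checked by a verifier that never asks who the holder is. The toy RSA keys built from small Mersenne primes, the right label "phone-credit:100USD", and all function names are assumptions made for illustration; the key sizes are far too small for real use.

```python
import hashlib
import json

E = 65537  # public exponent shared by all toy keys

def make_key(p, q):
    """Toy RSA key from two constructed primes (demo only, far too small)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(_digest(data, key["n"]), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == _digest(data, n)

def _canon(body):
    # Stable byte encoding so issuer and verifier hash the same thing
    return json.dumps(body, sort_keys=True).encode()

def issue(ca_key, holder_n, right):
    """CA certifies 'this key holds this right'; there is no name field."""
    body = {"key": holder_n, "right": right}
    return {"body": body, "sig": sign(ca_key, _canon(body))}

def authorize(ca_n, cert, wanted_right, challenge, response):
    """Grant service if the CA vouches for the right and the caller proves
    possession of the certified key. Identity is never consulted."""
    body = cert["body"]
    return (verify(ca_n, _canon(body), cert["sig"])
            and body["right"] == wanted_right
            and verify(body["key"], challenge, response))

# Constructed sample keys built from Mersenne primes
M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))
CA = make_key(M127, M89)
HOLDER = make_key(M107, M61)
RIGHT = "phone-credit:100USD"  # hypothetical label for the certified right
CERT = issue(CA, HOLDER["n"], RIGHT)

if __name__ == "__main__":
    nonce = b"constructed-challenge-0001"  # a real verifier sends a fresh nonce
    print(authorize(CA["n"], CERT, RIGHT, nonce, sign(HOLDER, nonce)))
```
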
