[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

subjective names and MITM



Neither certification hiearchies nor the PGP web-of-trust are very useful
because they try to bind True Names to keys and True Names have many
problems.  People can have duplicate names and can change their names
(what happens if I legally change my name to Bill Clinton and try to get
Verisign to certify my key under that name?), and often we don't care
about someone's True Name. 

Perhaps it is better to think of names as subjective identifiers, and
public keys as global ids.  That is, a person who has a collection of
public keys gives each of them a name, but different people can name their
keys differently.  Of course the holder of the corresponding private key
can help in the naming process (e.g., "Please call me Wei").  If two
people need to talk about a third party, they can refer to him by an
arbitrary name after establishing a common binding between his key and
that name. 

In this scheme, the man-in-the-middle problem goes away because you are 
no longer trying to communicate with a True Name, whose binding with a 
key can be spoofed, but rather with the key itself.  If the holder of 
that key chooses to act as a middle-man by relaying messages around, that 
is his business, and there is really nothing you can do about it.

Wei Dai