[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: subjective names and MITM

To: Adam Shostack <[email protected]>
Subject: Re: subjective names and MITM
From: Scott Brickner <[email protected]>
Date: Thu, 05 Oct 1995 19:51:56 -0500
Cc: [email protected] (Wei Dai), [email protected]
In-Reply-To: (Your message of Thu, 05 Oct 1995 20:21:56 EDT.) <[email protected]>
Sender: [email protected]

Adam Shostack writes:
>	Just a minor nit regarding a well thought out post, public
>keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
>really global, there needs to be a mechanism in place for insuring
>that key ids are very probably unique.  One way to ensure that keys
>are globally unique would be to integrate a KCA identifier with the
>keyid, and KCAs base part of their reputation on not signing multiple
>keys with the same id.

A public key *is* "very probably unique".  A "randomly selected" 1024 bit
prime number has a specific amount of entropy in it.  The likelihood of
two users world wide "randomly" choosing the same such prime may be
precisely determined (assuming you can figure the entropy).

Who needs a KCA to certify it?

The real benefit of the KCA is as a means of linking the key with a unique
person.  As I've commented before, anonyms have no meaningful "credit rating".

Follow-Ups:
- Re: subjective names and MITM
  - From: Adam Shostack <[email protected]>

References:
- Re: subjective names and MITM
  - From: Adam Shostack <[email protected]>

Prev by Date: Re: Rethinking the utility of netnews "cancel" control messages
Next by Date: Re: Certificate proposal
Prev by thread: Re: subjective names and MITM
Next by thread: Re: subjective names and MITM
Index(es):
- Date
- Thread