[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: subjective names and MITM

To: [email protected] (Wei Dai)
Subject: Re: subjective names and MITM
From: Adam Shostack <[email protected]>
Date: Thu, 5 Oct 1995 20:21:56 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Wei Dai" at Oct 5, 95 12:01:38 pm
Sender: [email protected]

Wei Dai wrote:

| Perhaps it is better to think of names as subjective identifiers, and
| public keys as global ids.  That is, a person who has a collection of
| public keys gives each of them a name, but different people can name their
| keys differently.  Of course the holder of the corresponding private key
| can help in the naming process (e.g., "Please call me Wei").  If two
| people need to talk about a third party, they can refer to him by an
| arbitrary name after establishing a common binding between his key and
| that name. 

	Just a minor nit regarding a well thought out post, public
keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
really global, there needs to be a mechanism in place for insuring
that key ids are very probably unique.  One way to ensure that keys
are globally unique would be to integrate a KCA identifier with the
keyid, and KCAs base part of their reputation on not signing multiple
keys with the same id.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

Follow-Ups:
- Re: subjective names and MITM
  - From: Scott Brickner <[email protected]>

References:
- subjective names and MITM
  - From: Wei Dai <[email protected]>

Prev by Date: Re: NetManage & Cylink Crypto
Next by Date: Re: Certificate proposal
Prev by thread: subjective names and MITM
Next by thread: Re: subjective names and MITM
Index(es):
- Date
- Thread