
Re: subjective names and MITM

Wei Dai wrote:

| Perhaps it is better to think of names as subjective identifiers, and
| public keys as global ids.  That is, a person who has a collection of
| public keys gives each of them a name, but different people can name their
| keys differently.  Of course the holder of the corresponding private key
| can help in the naming process (e.g., "Please call me Wei").  If two
| people need to talk about a third party, they can refer to him by an
| arbitrary name after establishing a common binding between his key and
| that name. 

	Just a minor nit regarding a well-thought-out post: public
keys are not 'global' ids, but 'system-wide' IDs.  For keys to be
really global, there needs to be a mechanism in place for ensuring
that key ids are very probably unique.  One way to ensure that keys
are globally unique would be to integrate a KCA identifier with the
keyid, and KCAs base part of their reputation on not signing multiple
keys with the same id.


"It is seldom that liberty of any kind is lost all at once."
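
The scheme discussed in this message, as an added example that is not part of the original post: a KCA that refuses to certify two different keys under one key id, with each user's subjective names bound to the KCA-qualified id. The `KCA` and `Petnames` classes, the `kca:keyid` format and the truncated SHA-256 key id are assumptions made for illustration, and the keys are constructed byte strings.

```python
import hashlib

def key_id(pubkey: bytes, bits: int = 32) -> str:
    """Short key id: the low-order `bits` of SHA-256 over the key (assumed scheme)."""
    return hashlib.sha256(pubkey).hexdigest()[-(bits // 4):]

class KCA:
    """Hypothetical certification authority that never signs two keys with one id."""
    def __init__(self, name: str):
        self.name = name
        self.issued = {}  # key id -> public key bytes already certified

    def certify(self, pubkey: bytes, bits: int = 32) -> str:
        kid = key_id(pubkey, bits)
        prior = self.issued.setdefault(kid, pubkey)
        if prior != pubkey:
            raise ValueError(f"{self.name}: key id {kid} already names another key")
        return f"{self.name}:{kid}"  # KCA identifier integrated with the key id

class Petnames:
    """One person's subjective names, each bound to a KCA-qualified key id."""
    def __init__(self):
        self.by_name = {}

    def bind(self, name: str, qualified_id: str) -> None:
        self.by_name[name] = qualified_id

    def same_party(self, name: str, other: "Petnames", other_name: str) -> bool:
        # Two people agree on a third party when their names resolve to one id.
        return self.by_name[name] == other.by_name[other_name]

def find_collision(bits: int = 8):
    """Search constructed keys until two distinct ones share a (tiny) key id."""
    seen = {}
    i = 0
    while True:
        pk = b"constructed-key-%d" % i
        kid = key_id(pk, bits)
        if kid in seen:
            return seen[kid], pk
        seen[kid] = pk
        i += 1
```

The 8-bit id in `find_collision` only makes the collision quick to find; the check in `certify` is the same at any id length.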