Re: Certificate proposal

[m5@dev.tivoli.com (Mike McNally)]

hfinney@shell.portal.com writes:
 > I can see using keys with attributes in this way, for credentials or as
 > other forms of authorization.  But what about for communications privacy?
 > What is the attribute that tells you that using this key will prevent
 > eavesdropping?

If we exchange keys on a face-to-face basis, then I really don't see
much of a MITM threat, unless somehow the MITM has perverted my
original key and I for some reason can't figure that out.  Now, as
long as you communicate with me via the public key I've handed you, we
should be as safe as PKE can make us.

If we are forced to exchange keys remotely, then perhaps some sort of
"proof" techniques could be used to establish to some level of
assurance that the remote entity I *think* is you is really you.  Or
you could provide me with a key, and then I could poll a list of
references to inquire as to the "goodness" of the key.  This seems to
me to be subtly different than a certificate procedure, because I'm
not asking about the goodness of a relationship to the key, but rather
about the key itself.

Maybe I'm missing something.  What is there to trust in a more
"traditional" certificate scheme?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~