[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Attribute-testimony example (was Re: The future will be easy touse)


>Date: Thu, 30 Nov 1995 13:33 EDT
>From: "E. ALLEN SMITH" <[email protected]>

>Once an element of that set is identified, it can be assigned a codeword
>(to make parsing easier).
>	   How about an email address? Or a URL? 

In this case, I was talking about an abbreviation for an attribute
rather than for a person --  e.g.,

	"checking-account: <number>,<bank>"

standing, for example, for

	"The person (entity) capable of signing with the signed-key 
identified above is authorized to withdraw money from checking account
number <number> at <bank>."

However, in offline mail I just had this interchange:

>>Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST)
>>From: Jon Lasser <[email protected]>
>>Maybe it is just out of habit.  But there's another aspect, not looking 
>>at other people, but looking at oneself:
>>"This is _my_ key."
>>"But my name isn't on the key."
>>"The key says I belong to it."
>>"Hey!  I'm not just a number!"
>I think you're exactly right here.  That's the problem.
>Perhaps we need to include the person's name in the keyID.
>So instead of: 
>Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
>we could use:
>Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)


Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison)

to follow the SMTP example, or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison <[email protected]>)

to follow the PGP example.

In this case, the text attached to the key is optional -- but there for the
people who feel attached to their names.  It's left off (or replaced with a
handle) for folks who want anonymity.

The fact remains that the key is the source of authority here.  The name
acquires validity from the key, not the other way around, and that might
upset some people who bother to think about it.  However, those who prefer
to think the name is important can view the key hash as an added field
making the name unique -- with the extra added bonus of being tied strongly
to a public key.

 - Carl

|Carl M. Ellison      [email protected]    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |

Version: 2.6.2