[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proxy/Representation?



At 10:46 AM 12/28/95 -0500, [email protected] wrote:

>"David E. Smith" writes:
>> The question is: how do the current software packages handle representatives
>> and proxies for a given is-a-person?  Using PGP as an example, I can't sign
>> a message with Helen's key.
>Nor should you be able to, actually.
And I can't :)

>The right way to do this in the digital world, IMHO, is to have a
>standard for "Power of Attorney" documents, and for the entity
>receiving something signed in your key that should be signed in
>another person's key to also see the digitally signed power of
>attorney document. Then the entity can check the signature on the
>power of attorney was in Helen's key, and that the signed key in that
>document was the key that signed the document signed by the "attorney".
That's more of what I was looking for.  I suppose that (I'm still using
PGP as my example) there could be a shared PGP key, signed by Helen and
myself, where only the two of us know the passphrase, with a keyid of
"David Smith <[email protected]> on behalf of Helen Jones <[email protected]>"
or something similar.  The obvious problem is that in sharing the pass
phrase the security is weakened.  (Paranoid threat model: at some point
we have to decide on the pass phrase, and we are videotaped/bugged/spied
upon while this takes place.)

dave

----- David E. Smith, c/o Southeast Missouri State University
1210 Towers South, Cape Girardeau MO USA 63701-4745, +1(573)339-3814
PGP ID 0x92732139, homepage http://www.midwest.net/scribers/dsmith/
Dec15-Jan15: (618)244-3340/2209 Perkins, Mt Vernon IL 62864