CFP: PKI research workshop

D. A. Honig dahonig at home.com
Tue Jan 15 13:48:30 EST 2002


>[The
>question isn't some sort of mystification of identity -- it is being
>able to know that you're talking to the same "Dear Abby" your friends
>have talked to and that you talked to last week. 

Here you're talking about "reputation of nyms", which doesn't require
third parties or certs, just well-kept secret keys of a PK pair.  
If the remote entity keeps using the same PK keys, you can reasonably
update reputation
based on that alone.   (They're essentially signing their behaviors.)

[Moderator's note: I fully agree. I was disputing only the notion that
unauthenticated connections were sufficient. Authentication does not
require certificates or third parties -- see the way SSH handles keys
for example. --Perry]


>Now that MIM attacks
>have been automated they don't even need sophistication to conduct. --Perry]

Since a signed cert is useful for recovering ZERO dollars from the signer,
if you've been defrauded by some entity, the end result is the same if a MIM 
defrauds you.  

A *trusted* signer would solve the confidentiality loss problem but not the
financial
liability problem.  But given that signers will sign *anything* (and why
not, they have no
financial liability and little useful reputation to lose) this is a small
difference.

dh














---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list