Announcing httpsy://, a YURL scheme

Ed Gerck egerck at
Wed Jul 16 13:58:51 EDT 2003

"Mark S. Miller" wrote:

> At 08:48 AM 7/16/2003  Wednesday, Ed Gerck wrote:
> >IF Alice is trusted by Bob to introduce ONLY authentic parties, yes. And that is the
> >problem.
> In order for the Carol that Alice introduces Bob to to be inauthentic, there
> must be some prior notion of *who* Alice was supposed to introduce Bob to.

No. Alice may simply always introduce Bob to a fraudster, independently of *who*
Bob wants to talk to.

BTW, IMO this thread has suffered the constant, excessive use of sweeping statements
and arguments. The way I see it, until the statement that "Authentication of the target site
MUST ONLY rely on information contained in the YURL"  is revisited, there is nothing
much to discuss since there is already a single point of failure that is fatally built into the

Ed Gerck

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list