Who's afraid of Mallory Wolf?
Ed Gerck
egerck at nma.com
Tue Mar 25 19:24:54 EST 2003
Ben Laurie wrote:
> It seems to me that the difference between PGP's WoT and what you are
> suggesting is that the entity which is attempting to prove the linkage
> between their DN and a private key is that they get to choose which
> signatures the relying party should refer to.
PGP's WoT already does that. To be clear, in PGP the entity that is attempting
to prove the linkage between a DN and a public key chooses which signatures
are acceptable, their "degree of trust", and how these signatures became
acceptable in the first place. BTW, a similar facility also exists in X.509, where
the entity that is attempting to prove the linkage may accept or reject a CA
for that purpose (unfortunately, browsers make this decision "automatically"
for the user but it does not need to be so).
That said, the paper does not provide a way to implement the method I
suggested. The paper only shows that such a method should exist.
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list