Can we copy trust?

Bill Frantz frantz at pwpconsult.com
Mon Jun 2 20:34:10 EDT 2008


edgerck at nma.com (Ed Gerck) on Monday, June 2, 2008 wrote:

>To trust something, you need to receive information from sources OTHER 
>than the source you want to trust, and from as many other sources as 
>necessary according to the extent of the trust you want. With more trust 
>extent, you are more likely to need more independent sources of 
>verification.

In my real-world experience, this way of gaining trust is only
really used for strangers. For people we know, recognition and
memory are more compelling ways of trusting.

We can use this recognition and memory in the online world as well.
SSH automatically recognizes previously used hosts. Programs such
as the Pet Names Tool <http://www.waterken.com/user/PetnameTool/>
recognize public keys used by web sites, and provide us with a
human-recognizable name so we can remember our previous
interactions with that web site. Once we can securely recognize a
site, we can form our own trust decisions, without the necessity of
involving third parties.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, CA 95032

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list