About that "Mighty Fortress"... What's it look like?

Alexander Klimov alserkli at inbox.ru
Tue Aug 17 08:04:00 EDT 2010


On Sat, 31 Jul 2010, Perry E. Metzger wrote:
> You are still following the same model that has failed over and over
> and over again. "Endorsing" keys is the same "we have no internet,
> so we rely on having big books to tell us whether a person's credit
> card was stolen" model.
>
> There is no rational reason at all that someone should "endorse" a
> key when it is possible to simply do a real time check for
> authorization. There is no reason to sign a key when you can just
> check if the key is in a database.

Each real-time check reveals your interest in the check. What about
privacy implications?

-- 
Regards,
ASK

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list