[Cryptography] human readable IDs, revokable keys (Re: Email and IM are ideal candidates for mix networks)
Perry E. Metzger
perry at piermont.com
Wed Aug 28 08:43:13 EDT 2013
First of all, I think systems that make people associate arbitrary
long strings with someone's email address aren't really acceptable.
I'll repeat that my model is "give someone your email address on a
napkin in a bar". I do things like this often enough right now.
On Wed, 28 Aug 2013 06:41:27 -0400 Jerry Leichter <leichter at lrw.com>
wrote:
> On the underlying matter of changing my public key: *Why* would I
> have to change it?
Because people make mistakes and reveal security critical information
to the world at intervals. Because computers are sometimes
compromised. A system that does not permit you to recover from rare
events is not going to deploy very well.
I think that to begin with, though, a system that requires people to
somehow associate arbitrary strings with their friends won't work
either.
Anyway, I proposed a system to handle id to key mappings with
reasonable trust in the first of my three messages on my proposed new
model -- it also happens to handle revocation reasonably well
(though imperfectly).
Perry
--
Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list