[Cryptography] Thoughts about keys

Nico Williams nico at cryptonector.com
Tue Mar 18 16:26:58 EDT 2014


On Wed, Sep 11, 2013 at 3:43 AM, Eugen Leitl <eugen at leitl.org> wrote:
> On Tue, Sep 10, 2013 at 09:01:49PM +0200, Guido Witmond wrote:
>
>> My scheme does the opposite. It allows *total strangers* to exchange
>> keys securely over the internet.
>
> With a FOAF routing scheme with just 3 degrees of separation
> there are not that many strangers left.

Indeed.  Then you only need to trust the two people on the path to
anyone you're trying to talk to.  Also, you have to account for the
fact that people do (and will continue to) keep multiple online
identities -- I'm not sure how that complicates things, if at all.

> If you add opportunistic encryption at a low transport
> layer, plus additional layers on top of you've protected
> the bulk of traffic.

Well, if you can do any web-o'-trust routing then you're presumably
using something PGPish -- you have keying.  Therefore you have no
excuse not to encrypt.

Nico
--


More information about the cryptography mailing list