[Cryptography] Anonymous rendezvous (was Business opportunities in crypto)

jrzx jrzx at protonmail.ch
Fri May 21 18:05:45 EDT 2021


Natanael <natanael.l at gmail.com> wrote:
> If you have the right name - AND ONLY IF - en you get this assurance.
>
> In a decentralized system with no trust anchors you can not figure
> out which name is the right one with any certainty.

We have piles of decentralized systems right now today that *do* give
you that assurance.

In private messaging, there are separate message threads for each public
key, and where the name appears in text in public or private messages your
local computer should associate a unique local petname with each key.
And mostly they do, though existing software is frequently half assed
about this.

The petname is generated by mangling the nickname (and possibly part of
the display name) down to a valid locally unique identifier, unique on
your computer and following your computer's rules for valid identifiers.

Existing software kind of screws up on the local petname issue in a variety
of ways, but does a sufficient job to ensure that one person canno
impersonate another person

The petnames appear in the text, and in the equivalent of reply-to and
cc fields, as @petname, but if "petname" is a local petname
corresponding to a public key that corresponds to the other party's
private key, it is colored differently to the text and/or looks like
a link in html. If you hover over the link, you see the other party's
display name and nickname, and if you click on that link, you go to
data about that person and or the thread of your private communications
with that person.

What actually gets sent, computer to computer, when Ann mentions Bob
in a message to Carol, is not the the local petname that that Ann typed
into her text, but the globally unique identifier, which should be,
and usually is, the public key, and possibly the nickname, the
display name, and information on how to direct a message to that party.

The display name is long, humanly meaningful, and usually probabilistically
unique to humans, but inconvenient for typing in full in text, unlikely
to be typed correctly, often incorrectly formatted for reply-to and
cc fields, and often likely to disrupt the flow of text were it to be directly
typed as part of a paragraph.

The nickname is a potential petname, or can be mangled into a petname
without too much mangling.

Display names and nicknames are unique on any one forum, enforced by the
central server. Different people can have the same nickname and
display name on different forums on different servers. But if they do,
they are going to nonetheless have different petnames on your computer.

What appears in the address fields, and in references to particular people
in the middle of a paragraph, is always locally unique, one distinct local
petname for each globally unique identifier.

In practice, you don't rely on petnames to distinguish people, though they
are quite adequate for distinguishing people, but on the fact that the threading
software associates messages coming from the same public key, just as when
you see text messages coming from the same phone number on your phone,
you see them displayed with previous text messages and replies to that
phone number, and pay little attention to the phone number.

In most contexts, you don't actually need to look at, or even remember, th
phone number, and you don't actually need to look at, or even remember,
the petname.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210521/357e8523/attachment.htm>


More information about the cryptography mailing list