Re: Principles and Principals
Ian Brown <I.Brown@cs.ucl.ac.uk> Thu, 25 September 1997 09:26 UTC
Received: (from majordomo@localhost) by mail.proper.com (8.8.7/8.7.3) id CAA04143 for ietf-open-pgp-bks; Thu, 25 Sep 1997 02:26:56 -0700 (PDT)
Received: from bells.cs.ucl.ac.uk (bells.cs.ucl.ac.uk [128.16.5.31]) by mail.proper.com (8.8.7/8.7.3) with SMTP id CAA04139 for <ietf-open-pgp@imc.org>; Thu, 25 Sep 1997 02:26:51 -0700 (PDT)
Received: from dopey.cs.ucl.ac.uk by bells.cs.ucl.ac.uk with local SMTP id <g.07915-0@bells.cs.ucl.ac.uk>; Thu, 25 Sep 1997 10:28:23 +0100
Message-ID: <342A2E30.9391CF32@cs.ucl.ac.uk>
Date: Thu, 25 Sep 1997 10:26:08 +0100
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
Organization: University College London
X-Mailer: Mozilla 4.02 [en] (WinNT; I)
MIME-Version: 1.0
To: Hal Finney <hal@rain.org>
CC: ietf-open-pgp@imc.org
Subject: Re: Principles and Principals
References: <199709241720.KAA08877@s27.term1.sb.rain.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-open-pgp@imc.org
Precedence: bulk
-----BEGIN PGP SIGNED MESSAGE----- > DNSSEC is better than nothing, but it is no substitute for key > certifications by people you know and trust. Absolutely. I'm just not sure how well the system can scale further than people you know and trust. While the technology is there to do very complex trust webs, incorporating large and small-scale CAs as well as friends, I think the human concept of 'trust' is stretched a little by this. SPKI is quite elegant in the way that all key trust is local; in practice, I rarely currently find a key with a trusted certification path to it. And that's in the rather incestuous Internet community. Once significant percentages of the world's population are on-line, it could all become horribly complex. I agree that the current PGP model is great for guerilla groupings. I just wonder how good it will be for thousands of millions of people who may want to write to (say) an address on a Web page, or reply to a message on a mailing list - i.e. communicate with someone entirely as a virtual entity rather than a physical one. There, I think DNSSEC can be a big help, although of course not a panacea. However, my main point is about distributing keys, not certifying them... > We looked into putting PGP certificates into the DNS as an alternative... > You still have the reverse lookup problem Might the IETF draft 'The DNS Inverse Key Domain' (ftp://ietf.org/internet-drafts/draft-ietf-dnssec-in-key-00.txt) help with this? However, if we set up an e-mail-only keyserver system, people will always know the e-mail address of the sender. As I said, I'm not sure if I can see many other situations where it is more efficient to set up a full-scale key distribution system rather than simply supply the relevant public key certificate along with a signed object. > at this point it looks like LDAP and HTTP are more > promising approaches for key distribution. How are you planning to create a distributed system with this approach? With a similar system to PGP5, putting an X key lookup header in a message? Ian >:) -----BEGIN PGP SIGNATURE----- Version: Cryptix 2.21 iQCVAgUANCouP5pi0bQULdFRAQELRQP7B2RlTC2/0eiXD4LApCmDCzFradO2y3qDMTMyuS18sAeg yuA/2x4gowJOIVWq6s07K79ZfvxmlB5JPN7VGaf+qttLzjXAgjphqbSdVFfOaKaFkADgRM/xH9Z3 /Ggyr2uFx4oKlhvbDndB/EMrL8G/6xyQTcw4d8qTDJ3/C+gGY1U= =dIPu -----END PGP SIGNATURE-----
- Re: Principles and Principals Pat Richard
- Re: Principles and Principals Pat Richard
- Re: Principles and Principals Jon Callas
- Re: Principles and Principals William H. Geiger III
- Re: Principles and Principals Patrick Richard
- Re: Principles and Principals William Allen Simpson
- Re: Principles and Principals Jon Callas
- Re: Principles and Principals Patrick Richard
- Re: Principles and Principals Bonatti Chris
- Re: Principles and Principals Ian Brown
- Principles and Principals William Allen Simpson
- Re: Principles and Principals Ian Brown
- Re: Principles and Principals Patrick Richard
- Re: Principles and Principals Bonatti Chris
- Re: Principles and Principals William Allen Simpson
- RE: Principles and Principals Hal Finney
- RE: Principles and Principals Rik Drummond
- Re: Principles and Principals Ian Brown
- RE: Principles and Principals Rik Drummond
- Re: Principles and Principals Ian Brown
- Re: Principles and Principals Bonatti Chris
- Re: Principles and Principals Ian Brown
- Re: Principles and Principals David P. Kemp
- Re: Principles and Principals tzeruch
- Re: Principles and Principals Jon Callas
- Re: Principles and Principals William H. Geiger III
- Principles and Principals Rodney Thayer
- Re: Principles and Principals Bill Frantz
- Re: Principles and Principals David P. Kemp
- Re: Principles and Principals David P. Kemp
- Re: Principles and Principals Bonatti Chris
- Re: Principles and Principals Ian Brown
- Re: Principles and Principals David P. Kemp