Re: [pkng] Some topics for PKNG

"Thomas Hardjono" <ietf@hardjono.net> Thu, 01 April 2010 17:15 UTC

Return-Path: <ietf@hardjono.net>
X-Original-To: pkng@core3.amsl.com
Delivered-To: pkng@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 254C53A6B1E for <pkng@core3.amsl.com>; Thu, 1 Apr 2010 10:15:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.465
X-Spam-Level: *
X-Spam-Status: No, score=1.465 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qzvwSp24hN+U for <pkng@core3.amsl.com>; Thu, 1 Apr 2010 10:14:59 -0700 (PDT)
Received: from outbound-mail-158.bluehost.com (outbound-mail-158.bluehost.com [67.222.39.38]) by core3.amsl.com (Postfix) with SMTP id 221C23A6AF9 for <pkng@irtf.org>; Thu, 1 Apr 2010 10:14:35 -0700 (PDT)
Received: (qmail 31202 invoked by uid 0); 1 Apr 2010 17:15:07 -0000
Received: from unknown (HELO box251.bluehost.com) (69.89.31.51) by cpoproxy2.bluehost.com with SMTP; 1 Apr 2010 17:15:07 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=hardjono.net; h=Received:From:To:References:In-Reply-To:Subject:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:Thread-Index:Content-Language:X-Identified-User; b=buOcQPMhCOdodEHHfdqb4kcwyN+Jx4uzw32BUCRUDTmu+YoU868/VW7LWowvA7Uup0vGfkf8sCZcdpCocQTS8VevL3XzN/HWCrpUfI8Z1D9fXPxjzoXdC0ucG7vmaquw;
Received: from dhcp-18-111-98-173.dyn.mit.edu ([18.111.98.173] helo=WINCE7P9IL9EJ0) by box251.bluehost.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69) (envelope-from <ietf@hardjono.net>) id 1NxNz0-0006SS-P5 for pkng@irtf.org; Thu, 01 Apr 2010 11:15:07 -0600
From: Thomas Hardjono <ietf@hardjono.net>
To: pkng@irtf.org
References: <4BA666E4.2050408@sunet.se> <p062408bec7cc34119aaa@[10.20.30.158]> <328D39B3-2FE9-4962-BC84-E17BB280504C@cs.tcd.ie> <4BA7B3FD.2070102@sunet.se> <4BA7E192.90408@sunet.se> <4BAA2EB5.7090909@cs.dartmouth.edu> <4BAA4DEB.10105@mnt.se> <4BB4B210.2010502@stpeter.im> <001201cad1b5$21f301a0$65d904e0$@net>
In-Reply-To: <001201cad1b5$21f301a0$65d904e0$@net>
Date: Thu, 01 Apr 2010 13:15:04 -0400
Message-ID: <001901cad1be$e02716d0$a0754470$@net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcrRqlL2j9eSPaM3QM29PMNtXSpPQAACDmYQAAMKqHA=
Content-Language: en-us
X-Identified-User: {727:box251.bluehost.com:hardjono:hardjono.net} {sentby:smtp auth 18.111.98.173 authed with ietf@hardjono.net}
Subject: Re: [pkng] Some topics for PKNG
X-BeenThere: pkng@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Public Key Next Generation \(PKNG\) Research Group" <pkng.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/pkng>
List-Post: <mailto:pkng@irtf.org>
List-Help: <mailto:pkng-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pkng>, <mailto:pkng-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2010 17:15:00 -0000

> -----Original Message-----
> From: pkng-bounces@irtf.org [mailto:pkng-bounces@irtf.org] On Behalf Of
> Thomas Hardjono
> Sent: Thursday, April 01, 2010 12:05 PM
> To: pkng@irtf.org
> Subject: [pkng] Some topics for PKNG
> 
> 
> 
> (2) Simple standardized "trust contracts":
> 
> I know people have been talking forever about a "flat hierarchy" or
"bottom-
> up trust" (BUT) ala PGP and IM. See Leif's slides on PKNG.
> 
> In my experience, the flat or bottom-up trust model works for non-value
> transactions (like IM, FaceBook, etc). As soon as $$$ is involved, the
> parties will want to know where the buck stops (or who to take to court).
> 
> It seems that in order to boot-up this notion of BUT, we need to also
supply
> some limited stock/ready-made simple "trust contract", where person A will
> "trust" person B if both sides will digitally sign an agreed "trust
contract"
> that is legally binding. This is one step further than the usual
PGP-signing
> session at the IETF.
> 
> PS. When you sign-up to eBay, you are essentially signing-up to some legal
> contract that limits eBay's liability. Same with buying a cert from
VeriSign
> (see its CPS).
> 
> Would this item be in-scope for PKNG?
> 
> /thomas/

Here is a pointer to efforts along the last item (simple contracts
exchange):

http://wiki.openid.net/Contract-Exchange#ContractExchangeWGCharterformallyTX

/thomas/