1995-08-18 - Certificates/Anonymity/Policy/True Names
Header Data
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
To: cypherpunks@toad.com
Message Hash: da6483c190fda19857f6c43ec6f0f637868aa603ce9e46db7cac893578ab1aea
Message ID: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
Reply To: N/A
UTC Datetime: 1995-08-18 18:48:07 UTC
Raw Date: Fri, 18 Aug 95 11:48:07 PDT
Raw message
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 11:48:07 PDT
To: cypherpunks@toad.com
Subject: Certificates/Anonymity/Policy/True Names
Message-ID: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain
I have a question which is of course purely hypothetical.
Suppose you were designing the legal framework that would govern the
operation of Certification Authorities (the people who issue certificates
vouching for public keys used for digitial signatures), called CAs for
short. The CAs will operate in a hierarchical model (not a
PGP-web-of-trust model), with a state agency being at the root, and
issuing certificates for private CAs.
You have decided to allow the private CAs to issue certificates of varying
degrees of corroberation so long as the degree of verification used is
deducible from the certificate. E.g. a certificate might say "we check
the passport"; or "we check driver's license" or "we took blood, hair,
fingprint, retinal scan and first-born child". It might even say "we
checked nothing". You have also decided that a CA may issue a certificate
in the name of a pseudonym, so long as the CA retains information about
the True Name. Now the issue arises as to whether one should allow the CA
to issue certificates to pseudonyms where it has *no record* of the real
identity of the person proffering the key pair.
Is there any reason why a person would want such a certificate? In other
words, given that the recipient of a digital signature will easily be
able to check the value of the certificate (nil), won't the
transaction/communication be in all ways identical to one where there was
no certificate at all. So is anything of value lost by prohibiting such
a certificate?
I understand, of course, that in a world where the CA has no duty to
check the client's representations, there is a somewhat farcical element
to this debate, but this hypothetical problem involves group decision
making and groups find themselves debating irrational things.
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law |
P.O. Box 248087 | It's hot here. And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm
Thread
Return to August 1995
- Return to “adam@bwh.harvard.edu (Adam Shostack)”
Return to “Michael Froomkin <mfroomki@umiami.ir.miami.edu>”
- 1995-08-18 (Fri, 18 Aug 95 11:48:07 PDT) - Certificates/Anonymity/Policy/True Names - Michael Froomkin <mfroomki@umiami.ir.miami.edu>
- 1995-08-18 (Fri, 18 Aug 95 12:00:45 PDT) - Re: Certificates/Anonymity/Policy/True Names - adam@bwh.harvard.edu (Adam Shostack)
- 1995-08-18 (Fri, 18 Aug 95 13:40:53 PDT) - Re: Certificates/Anonymity/Policy/True Names - Michael Froomkin <mfroomki@umiami.ir.miami.edu>
- 1995-08-18 (Fri, 18 Aug 95 12:00:45 PDT) - Re: Certificates/Anonymity/Policy/True Names - adam@bwh.harvard.edu (Adam Shostack)