1992-10-13 - Mr. Squirrel? Just who is whom here?

Header Data

From: hugh@domingo.teracons.com (Hugh Daniel)
To: CYPHERPUNKS@TOAD.COM
Message Hash: 4c67e79a2ec7344d27550db884c628f037f2077d684ba8190ca763a77730d2bc
Message ID: <9210131201.AA12086@domingo.teracons.com>
Reply To: <921010180751_74076.1041_DHJ61-1@CompuServe.COM>
UTC Datetime: 1992-10-13 12:02:06 UTC
Raw Date: Tue, 13 Oct 92 05:02:06 PDT

Raw message

From: hugh@domingo.teracons.com (Hugh Daniel)
Date: Tue, 13 Oct 92 05:02:06 PDT
To: CYPHERPUNKS@TOAD.COM
Subject: Mr. Squirrel?  Just who is whom here?
In-Reply-To: <921010180751_74076.1041_DHJ61-1@CompuServe.COM>
Message-ID: <9210131201.AA12086@domingo.teracons.com>
MIME-Version: 1.0
Content-Type: text/plain


  Hal is somewhat right, anyone can use 'Secret Squirrel' and anyone
can use any public key they want also.  So, in a many-to-one scope (as
in a maillist) where the sender can not use the one-on-one signed
signiture method how do we have proff of who the sender really is?
  Maybe public forums are just not places where it is easy to verify
the identity of a speaker?

  A second thing that Hal's comments bring up is that we were reading
the From: headders and ignoreing the keys.  In good crypto-mail
readers the key ought to be checked against our own data base of
others keys and the result added to the hedders as say:
	KeyCheck: FooBar Bazoid holds this key in XXX database
or some such rot.  I wonder what is more important, who I claim to be
in a random message or what key I include...
  New keys ought for an ID (or new ID's for the same key) should be
added to the data base as well.
  But all this needs to be done automaticly by the mailers and
interfaces, else the system will be mis-used and folks will tire of
the extra work that gets them little advantage.

		||ugh Daniel





Thread