1992-11-30 - re: Secure Key exchange

Header Data

From: “Mark W. Eichin” <eichin@cygnus.com>
To: tytso@ATHENA.MIT.EDU
Message Hash: 9b271b3374566e5a7d8ded6d05c7f4254eb373bbf716aa30d12748b1e72d9c22
Message ID: <9211301937.AA29781@tweedledumber.cygnus.com>
Reply To: <9211301836.AA20482@tsx-11.MIT.EDU>
UTC Datetime: 1992-11-30 19:37:42 UTC
Raw Date: Mon, 30 Nov 92 11:37:42 PST

Raw message

From: "Mark W. Eichin" <eichin@cygnus.com>
Date: Mon, 30 Nov 92 11:37:42 PST
To: tytso@ATHENA.MIT.EDU
Subject: re: Secure Key exchange
In-Reply-To: <9211301836.AA20482@tsx-11.MIT.EDU>
Message-ID: <9211301937.AA29781@tweedledumber.cygnus.com>
MIME-Version: 1.0
Content-Type: text/plain


<tytso@ATHENA.MIT.EDU> allegedly (:-) writes:
>> key-signinging policies available _signed_ with their private key; that
	I noticed in the pgp docs that there is a "signature
classification field" which has a (rather small) set of reserved
values, only one of which is actually implemented:
	10 -	Key certification, generic.  Only version of key
		certification supported by PGP 2.0.
		Material signed is public key pkt and User ID pkt.
	11 -	Key certification, persona.  No attempt made at all
		to identify the user with a real name.
		Material signed is public key pkt and User ID pkt.
	12 -	Key certification, casual identification.  Some
		casual attempt made to identify user with his name.
		Material signed is public key pkt and User ID pkt.
	13 -	Key certification, positive ID.  Heavy-duty
		identification efforts, photo ID, direct contact
		with personal friend, etc.
		Material signed is public key pkt and User ID pkt.

>> we would then still need to trust that the entity is telling the truth

I think we probably need a similar "web" certifying operational
procedures. (That is, I believe, one thing that the PEM hierarchy
claims to provide -- the institutional signature providers are
auditted, etc. to guarantee that they provide the claimed level of
security.) Some people trust my signatures more than other signatures
because I'm already known to be somewhat "paranoid" w.r.t. security
matters...
				_Mark_ <eichin@athena.mit.edu>
				MIT Student Information Processing Board
				Cygnus Support <eichin@cygnus.com>





Thread