1993-10-28 - Re: My Key

Header Data

From: pierre@shell.portal.com (Pierre Uszynski)
To: cypherpunks@toad.com
Message Hash: c66cfb862fdb44c61527638c2937be95c58e8ba2043c7cf6be2ab2a1e1e9509e
Message ID: <9310281814.AA19779@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1993-10-28 18:21:34 UTC
Raw Date: Thu, 28 Oct 93 11:21:34 PDT

Raw message

From: pierre@shell.portal.com (Pierre Uszynski)
Date: Thu, 28 Oct 93 11:21:34 PDT
To: cypherpunks@toad.com
Subject: Re: My Key
Message-ID: <9310281814.AA19779@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: an41418@anon.penet.fi (wonderer)
> 
> say someone wants to become Wonderer (I mean, it's
> great being me, who wouldn't want to?), they could forge
> a message as coming from me and include a public key.
[...]
> The problem I have with public key cryptography is that
> it is easy for an imposter to publish a public key and  
> get people to believe that it is valid.

As long as no certification agency is involved, a public
key only stands for itself. It only weakly associates a key
with a name. It does NOT associate a key with a person, or
an email address. And this association is not even unique,
you could have several names with the same public key, and
the same name with several public keys. In other words,
the only thing that authenticates the messages is the key
itself, the key is now the only significant name. The name
is merely a poor mnemonic to the key (more or less).

No matter what, any "John Smith" out there has an arguable
right to call himself "John Smith". The situation does not
improve as communication infrastructures become more global.

So, even though you were the first on this list to use
the name "wonderer", as long as you don't post a public key
for it, somebody else can pre-empt you and claim that name
and post a key, and that would not prevent you from posting
a key for the same name yourself in the future. (is that
confused enough?) The only way to distinguish same names
for different keys is if people automatically collect
key-name pairs and their mail readers shows key-names as
author, not just name (and that's not a reliable or likely way
to go. Assuming here there is only email and posting to
distribute keys.) You say somebody would forge a mail from
your address to "claim" your name... They wouldn't need to:
How many of us check your email address in the header when
we see "wonderer". We don't remember your email address,
just "wonderer". We wouldn't remember your key either,
just "wonderer" again. Only a fancy mail reader would tie
together all the different messages you posted under the same
key.

So, does it matter and what can we do?  Well as long as
the only key propagation mechanisms are email and posting,
we can't do much.

If you start talking as "Some Name" with or without a posted
public key, and somebody else posts one as the same name:

- you can counter with a key for "Some Name" yourself.
- you can sue if "Some Name" is sufficiently associated
with you (first and last name, trademark...), and
insufficiently with the other (not his name or less valid
trademark), and if the other is in a jurisdiction where
you have a recourse.
- you can start an online war between the two that
essentially will make the name impossible to use for
anybody (quasi-universally kill-filed... for a while)
- you can claim a Better Name "The One True Some Name", and
post your same public key for it. Until he does the same.
- you can wait for, or better yet :-), write mail readers
or list software  that tend to prefer keys and signatures
over names and mail addresses.

The possibilities for fun, forgery, spoofing, and flaming
are endless... Until the list software starts associating
keys with names on a first come first serve basis (or by
chains of certificates and in-person meetings, as a way
to settle disputes).


Pierre.
pierre@shell.portal.com





Thread