1994-04-03 - Re: Web of Trust?

Header Data

From: norm@netcom.com (Norman Hardy)
To: Hal <cypherpunks@toad.com>
Message Hash: 5981af680c0db7b2c4e4d4a4d7cb17cd3881f516032f3949d933eaddfedee1fd
Message ID: <199404031721.KAA03226@mail.netcom.com>
Reply To: N/A
UTC Datetime: 1994-04-03 17:20:54 UTC
Raw Date: Sun, 3 Apr 94 10:20:54 PDT

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Sun, 3 Apr 94 10:20:54 PDT
To: Hal <cypherpunks@toad.com>
Subject: Re: Web of Trust?
Message-ID: <199404031721.KAA03226@mail.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 9:17 3/30/94 -0800, Hal wrote:
...
>In other words, if I want to communicate with joe@abc.com, I can only do so
>if one of the signators of his key is a person I know.  If not, I have no way
>of judging the validity of his key.
>
>This belies simple interpretations of the "web of trust".  I may have signed
>A's key, A has signed B's, B has signed C's, C has signed D's, and D has signed
>Joe's, but this is of no value unless I know D.  Only then can I trust Joe's
>key.

Ideally, perhaps in cyberspace, one's public key is spread along with X's
reputation, i.e. thru the same channels. When a reputation for X reaches
you, so does X's public key. You say that you want Henry Kissinger's public
key. I respond that by whatever means you know that there exists such a
person, you will (in cyberspace) already know his public key. The logical
limit of this idea is that the public key becomes the name and the key
authentication issue dissolves into the mist.

We trust reputations because they reach us thru diverse paths. Public keys
arriving thru diverse paths should likewise carry extra weight.

As crypto becomes more common, reputations will eventually belong more to
public keys than to names. The question will then be not "What is Henry's
public key?" but "What is the name of the person who knows the secret key
that corresponds to this public key?". I suppose that Detwiler feared being
unable to answer that question in specific cases. I don't.

In the meantime, redundant webs that parallel the normal information webs
thru which reputations propagate should provide public keys at least as
reliable as the reputations themselves.

One particular case is of interest. If you contract with me to process some
of your secrets, I will agree not to divulge those secrets except under the
protection of one of a set of public keys that you give me. In such a
case the web of trust model can be usefully employed and is not
intrinsically limited in the number of levels.
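The two models argued over in this exchange, as an added example that is not part of the original post or of any PGP implementation: Hal's point that a chain me->A->B->C->D->Joe confers nothing unless I directly know D, and Hardy's point that keys arriving over diverse, independent paths deserve extra weight. The web of signatures and the key names are constructed for illustration.

```python
from itertools import combinations

# Constructed toy web (not from the post): SIGS[key] = keys that signed it.
# Hal's chain me->A->B->C->D->joe, plus a second, independent route me->E->joe.
SIGS = {
    "A": {"me"}, "B": {"A"}, "C": {"B"}, "D": {"C"},
    "E": {"me"}, "joe": {"D", "E"},
}

def valid(key, trusted, sigs, me="me", seen=frozenset()):
    """PGP-style key validity. A key is valid if I signed it myself, or if a
    trusted introducer signed it and that introducer's own key is valid.
    Trust does not chain: D's signature on joe is worthless unless I trust
    D and hold a valid copy of D's key, which is exactly Hal's objection."""
    if key == me:
        return True
    seen = seen | {key}                      # guard against signature cycles
    for signer in sigs.get(key, ()):
        if signer == me:
            return True
        if signer in trusted and signer not in seen:
            if valid(signer, trusted, sigs, me, seen):
                return True
    return False

def chains(key, sigs, me="me", path=()):
    """Every simple signature chain me -> ... -> key, as tuples of key names."""
    path = (key,) + path
    if key == me:
        return [path]
    found = []
    for signer in sigs.get(key, ()):
        if signer not in path:               # simple paths only
            found.extend(chains(signer, sigs, me, path))
    return found

def disjoint_chains(key, sigs, me="me"):
    """Largest set of chains sharing no intermediate key: Hardy's 'diverse
    paths'. Brute force over chain subsets, fine for a web this small."""
    found = chains(key, sigs, me)
    for n in range(len(found), 0, -1):
        for combo in combinations(found, n):
            inner = [set(c[1:-1]) for c in combo]
            if all(a.isdisjoint(b) for a, b in combinations(inner, 2)):
                return list(combo)
    return []

if __name__ == "__main__":
    for trusted in ({"A"}, {"D"}, {"E"}):
        print(f"trust {trusted}: joe valid = {valid('joe', trusted, SIGS)}")
    print("independent chains to joe:", len(disjoint_chains("joe", SIGS)))
```

Trusting A alone, or even D alone, leaves joe's key invalid because D's own key never becomes valid through the chain; only an introducer whose key I verified myself (E here) makes it valid, while the path count shows joe's key reaching me by two routes that share no intermediary.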
