1994-12-01 - Re: “Cyherpunks Named Official Signing Authority”
Header Data
From: eric@remailer.net (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: d43f89c46457cde0a75ff027c9caa80907188af671681bd23b30393bf08710b7
Message ID: <199412012005.MAA13503@largo.remailer.net>
Reply To: <74242.pfarrell@netcom.com>
UTC Datetime: 1994-12-01 19:07:07 UTC
Raw Date: Thu, 1 Dec 94 11:07:07 PST
Raw message
From: eric@remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:07:07 PST
To: cypherpunks@toad.com
Subject: Re: "Cyherpunks Named Official Signing Authority"
In-Reply-To: <74242.pfarrell@netcom.com>
Message-ID: <199412012005.MAA13503@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain
From: "Pat Farrell" <pfarrell@netcom.com>
Re: majordomo alterations
so that it pipes messages thru a filter to classify signatures.
[...]
We get classes like: [5 listed]
What I was thinking was the following. There would be a recognizer
that, given a message, would output "yes, something looks like a
signature to me", or "no, there is nothing that I recognize as a
signature". Based on this true/false answer, the server would either
perform an action, or not.
I was thinking of no notion of classes, but rather mere presence or
absence.
Maybe we need to have majordomo sign the message/header
so we know that the true c'punk classifier has verified it?
WARNING: The following paragraph does not have direct relevance to the
issue at hand. It discusses servers which might verify signatures,
which my current proposal does not have in it.
What I have realized in the interim is, that if a server is to verify
a signature, the server should sign not the message but rather the
signature. After all, the signature is what was being verified, not
any property of the message. The user can still detect message
alteration, by first verifying the sig-on-sig, and then comparing the
hash value in the original sig to a hash on the message.
But then we ask, Hmmm, is this a hacked majordomo? After all, no sane
person will read and manually verify the flood of c'punk messages.
So some daemon is doing it all. And daemons can be hacked.
Trust always terminates somewhere. How far back you go is a question
of worth and of effort. Ceding some trust to toad.com may be
desirable for some but not for others. Merely because it is not a
complete solution to all problems doesn't mean it's not worth doing.
anyone else see a solution?
I do, but it involves program+proof ideas and is far from ready for
deployment. I have no interest in solving those problems right now.
There is benefit to be had from crypto, even if the first
implementations only protect certain things.
Eric
Thread
Return to December 1994
- Return to “eric@remailer.net (Eric Hughes)”
Return to ““Pat Farrell” <pfarrell@netcom.com>”
- 1994-12-01 (Wed, 30 Nov 94 17:41:50 PST) - Re: “Cyherpunks Named Official Signing Authority” - “Pat Farrell” <pfarrell@netcom.com>
- 1994-12-01 (Thu, 1 Dec 94 11:07:07 PST) - Re: “Cyherpunks Named Official Signing Authority” - eric@remailer.net (Eric Hughes)