1995-08-18 - Certificates/Anonymity/Policy/True Names

Header Data

From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
To: cypherpunks@toad.com
Message Hash: da6483c190fda19857f6c43ec6f0f637868aa603ce9e46db7cac893578ab1aea
Message ID: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
Reply To: N/A
UTC Datetime: 1995-08-18 18:48:07 UTC
Raw Date: Fri, 18 Aug 95 11:48:07 PDT

Raw message

From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Date: Fri, 18 Aug 95 11:48:07 PDT
To: cypherpunks@toad.com
Subject: Certificates/Anonymity/Policy/True Names
Message-ID: <Pine.3.89.9508181423.A623131443-0100000@umiami.ir.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain


I have a question which is of course purely hypothetical.

Suppose you were designing the legal framework that would govern the 
operation of Certification Authorities (the people who issue certificates 
vouching for public keys used for digitial signatures), called CAs for 
short.  The CAs will operate in a hierarchical model (not a 
PGP-web-of-trust model), with a state agency being at the root, and 
issuing certificates for private CAs.

You have decided to allow the private CAs to issue certificates of varying
degrees of corroberation so long as the degree of verification used is
deducible from the certificate.  E.g. a certificate might say "we check
the passport"; or "we check driver's license" or "we took blood, hair,
fingprint, retinal scan and first-born child".  It might even say "we
checked nothing".  You have also decided that a CA may issue a certificate
in the name of a pseudonym, so long as the CA retains information about
the True Name.  Now the issue arises as to whether one should allow the CA
to issue certificates to pseudonyms where it has *no record* of the real
identity of the person proffering the key pair. 

Is there any reason why a person would want such a certificate?  In other 
words, given that the recipient of a digital signature will easily be 
able to check the value of the certificate (nil), won't the 
transaction/communication be in all ways identical to one where there was 
no certificate at all.  So is anything of value lost by prohibiting such 
a certificate?

I understand, of course, that in a world where the CA has no duty to 
check the client's representations, there is a somewhat farcical element 
to this debate, but this hypothetical problem involves group decision 
making and groups find themselves debating irrational things.

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law     | 
P.O. Box 248087            | It's hot here.  And humid.
Coral Gables, FL 33124 USA |
See http://www-swiss.ai.mit.edu/6095/articles/froomkin-metaphor/text.html
and http://www.law.cornell.edu/jol/froomkin.htm







Thread