From: bigdaddy@ccnet.com
Date: Sun, 3 Sep 95 10:09:37 PDT
To: Cybie@cris.com
Subject: Re: Direct Socket to Remailer?
In-Reply-To: <9509030907.AA04231@mariner.cris.com>
Message-ID: <Pine.SUN.3.91.950903090122.13715B-100000@ccnet3>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Sep 1995 Cybie@cris.com wrote:

> Before you do it, make sure your ISP doesn't mind you telneting to port 25.
> VCU's computer dept. doesn't take to kindly to it.  They're worried about 
> people sending forged e-mail.  (I was tempted to tell the guy when I got 
> caught doing it that they should put a copy of PGP online for folks to use.
> But I just wanted my account re-instated.)

	CMU's systems, for instance, are nice enough to explicitly warn 
you 'Mis-identifying the sender is an abuse of computing resources.' on 
their machines' port 25. I take this to imply that they don't take kindly 
to such use of their machines by students or non-students...but 
what they would do to a non-CMU student is not clear. Come to think of 
it, would there be legal issues involved in forging e-mail addresses? Can 
one have a reasonable expectation of identity in ordinary e-mail? 
Probably not. How about mail authenticated with PGP, RIPEM, Notes, or 
a similar system?

We've seen key certification by VeriSign, among others...and, if we assume a 
certification structure which requires checking the True Name of the 
person, then we have a link between the key and the identity. All well 
and good.

If we add key escrow to this certification structure, or require a True 
Name for *all* keys, then one could have 
'identity escrow'...a situation in which pseudonymous keys can be 
created and distributed with certification that they really belong to a 
(presumably unique) True Name. In the example of a bank with anonymous 
officers, their identities might be held by another 
organization(oversight committee, industry certification authority, 
etc.), and revealed in the event of an investigation. 

Doesn't VeriSign already sign 'Personality Certificates'(sorry if not the 
right term) for pseudonymous IDs? 

Obviously, setting and enforcing limits on keys per person, should that 
be desirable, could be difficult. In the simplest case of one verified 
key and identity per person, an entity who can satisfy the verification 
process multiple times can be issued multiple keys. If there are a number 
of independent Certification Authorities, and assuming they don't 
cross-check, one could get as many keys as there are CAs. Lag time 
between, say, the Dhahran, Saudi Arabia office of the CA and the rest of 
the structure might also allow for two or more keys at once.

There's probably a dozen different ways to fool a CA or group of CAs. 
Unfortunately, they're likely to be so difficult, and the penalties 
severe enough(e.g. permanent revocation of all keys with a particular 
CA), that few will use them. 

I wonder if this sort of "feature" is already on tap for a Government 
Certification Authority in the U.S.. If pseudonymity is offered at 
all(perhaps as a 
sort of compromise), it seems reasonable that any State-sponsored CA 
would insist on identity escrow. The next logical step, of course, would 
be to subordinate, discredit, or outlaw other CAs, in order to minimize 
the 'possibility' of 'evil criminals' using the 'national information 
infrastructure' for 'nefarious acts of impersonation'.

Web-of-trust would probably still be legal. It would be absurdity to even 
attempt to outlaw it, as one would hope the example of PGP has shown. One 
might as well outlaw gossip. 
Unfortunately, web-of-trust is rarely as extensive(at least for me) than 
a full-blown certification hierarchy. It is certainly more work.

In effect, the State would reserve to itself the ability to certify keys 
on a large scale, on its terms. Scary.

On the other hand, it could also make for some very interesting 
situations...such as a pseudonymous identity, accredited by the State, 
able to participate in elections, enter into binding contracts, and 
telecommute to work. Again, making sure no one registers and votes 
twice might be a bit of work. Perhaps down the line, such 
an identity could run for office. The line 'I'm With Stupid' 
takes on a whole new meaning...

David Molnar

P.S. Andrew L : Yes, I'm the same person you knew in 
Houston! Have you received the mail I sent you? 
-Haynow