From: Adam Shostack <adam@homeport.org>
To: sjb@universe.digex.net (Scott Brickner)
Message Hash: 03859877c9be182233d827d08de93c78239bc0eacd1e0f0be23530fbab78d9ca
Message ID: <199510060224.WAA03180@homeport.org>
Reply To: <199510060051.UAA04613@universe.digex.net>
UTC Datetime: 1995-10-06 02:21:02 UTC
Raw Date: Thu, 5 Oct 95 19:21:02 PDT
From: Adam Shostack <adam@homeport.org>
Date: Thu, 5 Oct 95 19:21:02 PDT
To: sjb@universe.digex.net (Scott Brickner)
Subject: Re: subjective names and MITM
In-Reply-To: <199510060051.UAA04613@universe.digex.net>
Message-ID: <199510060224.WAA03180@homeport.org>
MIME-Version: 1.0
Content-Type: text
Scott Brickner wrote:
| Adam Shostack writes:
| > Just a minor nit regarding a well thought out post, public
| >keys are not 'global' ids, but 'system-wide' IDs. For keys to be
| >really global, there needs to be a mechanism in place for insuring
| >that key ids are very probably unique. One way to ensure that keys
| >are globally unique would be to integrate a KCA identifier with the
| >keyid, and KCAs base part of their reputation on not signing multiple
| >keys with the same id.
|
| A public key *is* "very probably unique". A "randomly selected" 1024 bit
| prime number has a specific amount of entropy in it. The likelihood of
| two users world wide "randomly" choosing the same such prime may be
| precisely determined (assuming you can figure the entropy).
The key does indeed have a high likelihood of being unique,
but dealing with 1024 bit identifiers could strain database systems,
especially when 100 well chosen bits would be than enough.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Return to October 1995
Return to “Wei Dai <weidai@eskimo.com>”