From: tomw@orac.engr.sgi.com (Tom Weinstein)
Date: Tue, 24 Oct 95 07:29:50 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <DGxxGM.IHu@sgi.sgi.com>
Message-ID: <199510241429.HAA02508@orac.engr.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


In article <DGxxGM.IHu@sgi.sgi.com>, Jiri Baum <jirib@sweeney.cs.monash.edu.au> writes:
> TW writes:

>> I agree.  Sending your cc# to a key or an IP address is not what you
>> want to do.  As a consumer, I want to make sure that I send my cc# to
>> the merchant I am buying from.

> But how do you know that you want to send to Egghead Software in the
> first place? EHS could be a MIMT, maybe you really want to talk to
> Eggfoot Software, but every e-mail Eggfoot sends out is intercepted
> and changed to read "Egghead" (and vice versa)...

> By the time you verify that Egghead is who you want, you could have just
> as easily verified that the key is who you want. Thus skipping one step
> and avoiding all the attacks applicable to that step.

That's true.  You really want to make sure that the merchant you are
giving your money to is the one who has the goods you are interested in.
Perhaps the only way to solve this problem is with some sort of trusted
escrow agency.  The agency would be well known and its reputation could
be verified fairly easily.  Of course there's still the existential
problem of how do you know your connection to the rest of the world
isn't controlled by someone else, but there's really no solution to
that.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@engr.sgi.com