1995-10-09 - Re: Certificate proposal

Header Data

From: m5@dev.tivoli.com (Mike McNally)
To: Scott Brickner <sjb@universe.digex.net>
Message Hash: 0c4710ff4e0025c3acdef35438960f305721c86797c16b6e7dc8f9e7c73c035b
Message ID: <9510092324.AA28153@alpha>
Reply To: <199510092038.NAA09612@jobe.shell.portal.com>
UTC Datetime: 1995-10-09 23:25:16 UTC
Raw Date: Mon, 9 Oct 95 16:25:16 PDT

Raw message

From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 16:25:16 PDT
To: Scott Brickner <sjb@universe.digex.net>
Subject: Re: Certificate proposal
In-Reply-To: <199510092038.NAA09612@jobe.shell.portal.com>
Message-ID: <9510092324.AA28153@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Scott Brickner writes:
 > [ ... a bunch of stuff I have no quarrel with ... ]
 >
 > Identifying the key with the person is entirely reasonable, if the key
 > is what introduced the person to you (and thus ontologically created
 > the entity).

Right (sez me).

 > If the introduction happens prior to receiving the key,
 > then authentication becomes necessary to avoid MITM.

Maybe I'm not sure what good a "true name" certificate is going to do
me in establishing confidence in a key.  How will I know that the
MITM attack didn't begin with the "true name" registration?

(Note that I continue to insist that I very well might be totally
without clue here, so correct me brutally if applicable.)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




Thread