From: m5@dev.tivoli.com (Mike McNally)
To: Hal <hfinney@shell.portal.com>
Message Hash: 135ac95cfb4519ca4d41ea245295469a9e058f0a966b02e7e8dd687d9ee1f241
Message ID: <9510091715.AA27991@alpha>
Reply To: <199510091558.IAA05131@ix6.ix.netcom.com>
UTC Datetime: 1995-10-09 17:15:43 UTC
Raw Date: Mon, 9 Oct 95 10:15:43 PDT
From: m5@dev.tivoli.com (Mike McNally)
Date: Mon, 9 Oct 95 10:15:43 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510091558.IAA05131@ix6.ix.netcom.com>
Message-ID: <9510091715.AA27991@alpha>
MIME-Version: 1.0
Content-Type: text/plain
hfinney@shell.portal.com writes:
> I can see using keys with attributes in this way, for credentials or as
> other forms of authorization. But what about for communications privacy?
> What is the attribute that tells you that using this key will prevent
> eavesdropping?
If we exchange keys on a face-to-face basis, then I really don't see
much of a MITM threat, unless somehow the MITM has perverted my
original key and I for some reason can't figure that out. Now, as
long as you communicate with me via the public key I've handed you, we
should be as safe as PKE can make us.
If we are forced to exchange keys remotely, then perhaps some sort of
"proof" techniques could be used to establish to some level of
assurance that the remote entity I *think* is you is really you. Or
you could provide me with a key, and then I could poll a list of
references to inquire as to the "goodness" of the key. This seems to
me to be subtly different than a certificate procedure, because I'm
not asking about the goodness of a relationship to the key, but rather
about the key itself.
Maybe I'm missing something. What is there to trust in a more
"traditional" certificate scheme?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Return to October 1995
Return to “m5@dev.tivoli.com (Mike McNally)”