From: m5@dev.tivoli.com (Mike McNally)
To: “Don M. Kitchen” <don@cs.byu.edu>
Message Hash: 286214581ec41cf2f4b65c2ae3d4ec3df308f1cdc90fa06048a9a47ab6f57d27
Message ID: <9510101258.AA28275@alpha>
Reply To: <9510091715.AA27991@alpha>
UTC Datetime: 1995-10-10 12:58:25 UTC
Raw Date: Tue, 10 Oct 95 05:58:25 PDT
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 10 Oct 95 05:58:25 PDT
To: "Don M. Kitchen" <don@cs.byu.edu>
Subject: Re: Certificate proposal
In-Reply-To: <9510091715.AA27991@alpha>
Message-ID: <9510101258.AA28275@alpha>
MIME-Version: 1.0
Content-Type: text/plain
Don M. Kitchen writes:
> > If we are forced to exchange keys remotely, then perhaps some sort of
> > "proof" techniques could be used to establish to some level of
> > assurance that the remote entity I *think* is you is really you. Or
>
> So who is Pr0duct Cypher then? And why should I have to produce ID saying
> my name is Don, unless I'm proving my Real Name[tm] is Don.
Right. If we're forced to exchange keys remotely, I just have to deal
with the possibility that I'm being spoofed.
> > you could provide me with a key, and then I could poll a list of
> > references to inquire as to the "goodness" of the key. This seems to
>
> But there's no way to prove that there's no MITM. But "middle" is a
> subjective term.
Yes, that's why I put "proof" in quotes. I guess I meant "demonstrate
to a personally sufficient level of satisfaction".
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Return to October 1995
Return to “m5@dev.tivoli.com (Mike McNally)”