From: Scott Brickner <sjb@universe.digex.net>
To: Adam Shostack <adam@lighthouse.homeport.org>
Message Hash: 2cabc825356b49ae56c889dc972d5e9baa5783c3e19eb17e6335715931c02c01
Message ID: <199510060051.UAA04613@universe.digex.net>
Reply To: <199510060021.UAA02958@homeport.org>
UTC Datetime: 1995-10-06 00:52:22 UTC
Raw Date: Thu, 5 Oct 95 17:52:22 PDT
Subject: Re: subjective names and MITM
Adam Shostack writes:
> Just a minor nit regarding a well thought out post, public
>keys are not 'global' ids, but 'system-wide' IDs. For keys to be
>really global, there needs to be a mechanism in place for insuring
>that key ids are very probably unique. One way to ensure that keys
>are globally unique would be to integrate a KCA identifier with the
>keyid, and KCAs base part of their reputation on not signing multiple
>keys with the same id.

A public key *is* "very probably unique". A "randomly selected" 1024-bit
prime number has a specific amount of entropy in it. The likelihood of
two users worldwide "randomly" choosing the same such prime may be
precisely determined (assuming you can figure the entropy).

Who needs a KCA to certify it?

The real benefit of the KCA is as a means of linking the key with a unique
person. As I've commented before, anonyms have no meaningful "credit rating".
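
Added example (not part of Scott Brickner's message or of the archive): the "precisely determined" likelihood worked out with the birthday bound, treating entropy as log2 of the number of equally likely primes and capping it by the random generator's seed size. The function names, the ten-billion-user figure and the seed sizes are assumptions made for this illustration.

```python
import math

def log2_prime_count(bits: int) -> float:
    """log2 of the approximate number of primes that are exactly `bits` bits long.

    Prime number theorem: pi(x) ~ x / ln x, so [2^(bits-1), 2^bits) holds
    about 2^(bits-1) / (bits * ln 2) primes.
    """
    return (bits - 1) - math.log2(bits * math.log(2))

def effective_entropy_bits(prime_bits: int, seed_bits: float) -> float:
    """Entropy of the chosen prime: capped by the generator's seed space."""
    return min(log2_prime_count(prime_bits), seed_bits)

def log2_collision_probability(users: float, entropy_bits: float) -> float:
    """log2 of P(some two of `users` independent uniform choices coincide).

    Birthday bound P = 1 - exp(-x), x = users*(users-1) / (2 * 2^entropy_bits),
    evaluated in log space so very small results do not underflow to zero.
    """
    log2_x = math.log2(users) + math.log2(users - 1) - 1 - entropy_bits
    if log2_x < -30:                 # 1 - exp(-x) ~= x, relative error < 2^-31
        return log2_x
    x = 2.0 ** min(log2_x, 10.0)     # at x >= 1024 the probability rounds to 1.0
    return math.log2(-math.expm1(-x))

if __name__ == "__main__":
    users = 1e10  # constructed figure: ten billion key holders
    for label, seed_bits in [("ideal generator", math.inf),
                             ("64-bit seed", 64), ("32-bit seed", 32)]:
        h = effective_entropy_bits(1024, seed_bits)
        p = log2_collision_probability(users, h)
        print(f"{label:16s} entropy={h:8.1f} bits  log2(P collision)={p:8.1f}")
```

With a full-entropy choice the collision probability is about 2^-948; when the generator's seed is the limiting factor, the same population collides with probability close to 1.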