1995-10-06 - Re: Certificate proposal
Header Data
From: Wei Dai <weidai@eskimo.com>
To: Hal <hfinney@shell.portal.com>
Message Hash: 824862cd98fce614e7d246a2c05e9523b3a740bddb249ba6fe1ad7170f1be8d6
Message ID: <Pine.SUN.3.91.951005174118.5095B-100000@eskimo.com>
Reply To: <199510051924.MAA25839@jobe.shell.portal.com>
UTC Datetime: 1995-10-06 00:56:42 UTC
Raw Date: Thu, 5 Oct 95 17:56:42 PDT
Raw message
From: Wei Dai <weidai@eskimo.com>
Date: Thu, 5 Oct 95 17:56:42 PDT
To: Hal <hfinney@shell.portal.com>
Subject: Re: Certificate proposal
In-Reply-To: <199510051924.MAA25839@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.951005174118.5095B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain
Hal wrote:
> The thing to keep in mind is, why do we want certificates? Why not just
> use unsigned keys? If I encrypt a message for Carl based on some key I
> found lying around somewhere which someone told me is his, and I send it
> to his mailbox, and I get a reply back, how secure is that? We all know
> that you don't get the full security of the encryption if you do this.
> Man in the middle attacks might not be easy to do in such a situation but
> they are certainly possible. It is such attacks that certificates (including
> PGP key signatures) are designed to prevent.
I think Carl's point is that when you write an e-mail to Carl, you
probably don't care that it reaches the "real" Carl Ellison, because you
don't have a binding between the name "Carl Ellison" and the physical
person. A binding between a name and a key is useless if there is no
binding between the name and the person. Since this is the case, why not
forget about the binding between the name and the key (or turn it into a
local one as I suggested in the previous post) and go straight to the
binding between the key and the person?
On the other hand, if you do have a binding between the name and the
person, then most likely you met Carl at some point in the past and he
told you his name was Carl Elison. In that case it would have been just
as easy for him to give you his public key instead.
Wei Dai
Thread
Return to October 1995
- Return to “Adam Shostack <adam@homeport.org>”
- Return to “Bob Smart <smart@mel.dit.csiro.au>”
- Return to “Carl Ellison <cme@TIS.COM>”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “Hal <hfinney@shell.portal.com>”
- Return to “Jeff Weinstein <jsw@netscape.com>”
- Return to “Jiri Baum <jirib@sweeney.cs.monash.edu.au>”
- Return to “Raph Levien <raph@CS.Berkeley.EDU>”
- Return to “tomw@orac.engr.sgi.com (Tom Weinstein)”
Return to “Wei Dai <weidai@eskimo.com>”
- 1995-10-02 (Mon, 2 Oct 95 08:57:01 PDT) - Certificate proposal - Carl Ellison <cme@TIS.COM>
- 1995-10-02 (Mon, 2 Oct 95 10:13:58 PDT) - Re: Certificate proposal - Raph Levien <raph@CS.Berkeley.EDU>
- 1995-10-02 (Mon, 2 Oct 95 15:03:37 PDT) - Re: Certificate proposal - Carl Ellison <cme@TIS.COM>
- 1995-10-05 (Thu, 5 Oct 95 12:25:49 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-05 (Thu, 5 Oct 95 16:02:51 PDT) - Re: Certificate proposal - Bob Smart <smart@mel.dit.csiro.au>
- 1995-10-06 (Thu, 5 Oct 95 17:56:42 PDT) - Re: Certificate proposal - Wei Dai <weidai@eskimo.com>
- 1995-10-05 (Thu, 5 Oct 95 16:07:56 PDT) - Re: Certificate proposal - Jeff Weinstein <jsw@netscape.com>
- 1995-10-06 (Thu, 5 Oct 95 17:32:26 PDT) - Re: Certificate proposal - Adam Shostack <adam@homeport.org>
- 1995-10-06 (Thu, 5 Oct 95 17:41:02 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-06 (Thu, 5 Oct 95 20:59:01 PDT) - Re: Certificate proposal - tomw@orac.engr.sgi.com (Tom Weinstein)
- 1995-10-06 (Fri, 6 Oct 95 00:04:44 PDT) - Re: Certificate proposal - Jeff Weinstein <jsw@netscape.com>
- 1995-10-06 (Thu, 5 Oct 95 21:20:34 PDT) - Re: Certificate proposal - Hal <hfinney@shell.portal.com>
- 1995-10-12 (Wed, 11 Oct 95 18:47:53 PDT) - Re: Certificate proposal - Jiri Baum <jirib@sweeney.cs.monash.edu.au>
- 1995-10-12 (Thu, 12 Oct 95 00:08:31 PDT) - Re: Certificate proposal - futplex@pseudonym.com (Futplex)
- 1995-10-12 (Wed, 11 Oct 95 18:47:53 PDT) - Re: Certificate proposal - Jiri Baum <jirib@sweeney.cs.monash.edu.au>
- 1995-10-06 (Thu, 5 Oct 95 23:59:32 PDT) - Re: Certificate proposal - Jeff Weinstein <jsw@netscape.com>
- 1995-10-06 (Fri, 6 Oct 95 00:08:18 PDT) - Re: Certificate proposal - Jeff Weinstein <jsw@netscape.com>
- 1995-10-06 (Fri, 6 Oct 95 12:12:42 PDT) - Re: Certificate proposal - tomw@orac.engr.sgi.com (Tom Weinstein)
- 1995-10-02 (Mon, 2 Oct 95 10:13:58 PDT) - Re: Certificate proposal - Raph Levien <raph@CS.Berkeley.EDU>