From: Carl Ellison <cme@TIS.COM>
To: EALLENSMITH@ocelot.Rutgers.EDU
Message Hash: 4d07676706c0743c3e8d54c099aa9eebdbb1365643a4e0ddd9ee6411f6269b92
Message ID: <9511301916.AA17069@tis.com>
Reply To: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>
UTC Datetime: 1995-11-30 20:03:51 UTC
Raw Date: Fri, 1 Dec 1995 04:03:51 +0800
From: Carl Ellison <cme@TIS.COM>
Date: Fri, 1 Dec 1995 04:03:51 +0800
To: EALLENSMITH@ocelot.Rutgers.EDU
Subject: Re: Attribute-testimony example (was Re: The future will be easy touse)
In-Reply-To: <01HY987RZFD48WYZNO@mbcl.rutgers.edu>
Message-ID: <9511301916.AA17069@tis.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
>Date: Thu, 30 Nov 1995 13:33 EDT
>From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>
>Once an element of that set is identified, it can be assigned a codeword
>(to make parsing easier).
>----------
> How about an email address? Or a URL?
In this case, I was talking about an abbreviation for an attribute
rather than for a person -- e.g.,
"checking-account: <number>,<bank>"
standing, for example, for
"The person (entity) capable of signing with the signed-key
identified above is authorized to withdraw money from checking account
number <number> at <bank>."
However, in offline mail I just had this interchange:
>>Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST)
>>From: Jon Lasser <jlasser@rwd.goucher.edu>
>
>>Maybe it is just out of habit. But there's another aspect, not looking
>>at other people, but looking at oneself:
>>
>>"This is _my_ key."
>>
>>"But my name isn't on the key."
>>
>>"The key says I belong to it."
>>
>>"Hey! I'm not just a number!"
>
>I think you're exactly right here. That's the problem.
>
>Perhaps we need to include the person's name in the keyID.
>
>So instead of:
>
>Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
>
>we could use:
>
>Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)
>
or
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison)
to follow the SMTP example, or
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison <cme@tis.com>)
to follow the PGP example.
In this case, the text attached to the key is optional -- but there for the
people who feel attached to their names. It's left off (or replaced with a
handle) for folks who want anonymity.
The fact remains that the key is the source of authority here. The name
acquires validity from the key, not the other way around, and that might
upset some people who bother to think about it. However, those who prefer
to think the name is important can view the key hash as an added field
making the name unique -- with the extra added bonus of being tied strongly
to a public key.
- Carl
+--------------------------------------------------------------------------+
|Carl M. Ellison cme@tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBML4CoVQXJENzYr45AQFvJQQAszQbHHIXlOVFpdBv3K/J6f3FmCBoSvhX
Fpy9T0OJAH2pndzH1cZLVTQzS+j/p4tY5P6YAlF+VS047T6jQqF31Kn1fIUlEjzw
0/t/W+7BQ+IktrrNtyJfEx5rFYKUg6rViTg3UF+knocBIMTRfm0EbuMkv7hCN5Ho
iE0n9FZ+XIc=
=e+iE
-----END PGP SIGNATURE-----
Return to November 1995
Return to ““E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>”