1995-11-29 - Re: The future will be easy to use

Header Data

From: Jon Lasser <jlasser@rwd.goucher.edu>
To: “James A. Donald” <jamesd@echeque.com>
Message Hash: ec94471a5f2b951b6ade9125e8d7e0959a42f3fdac43de4fa81978b5802ed137
Message ID: <Pine.SUN.3.91.951129144206.8834B-100000@rwd.goucher.edu>
Reply To: <199511290707.XAA24211@blob.best.net>
UTC Datetime: 1995-11-29 20:58:50 UTC
Raw Date: Thu, 30 Nov 1995 04:58:50 +0800

Raw message

From: Jon Lasser <jlasser@rwd.goucher.edu>
Date: Thu, 30 Nov 1995 04:58:50 +0800
To: "James A. Donald" <jamesd@echeque.com>
Subject: Re: The future will be easy to use
In-Reply-To: <199511290707.XAA24211@blob.best.net>
Message-ID: <Pine.SUN.3.91.951129144206.8834B-100000@rwd.goucher.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 27 Nov 1995, James A. Donald wrote:

> At 03:30 PM 11/28/95 EST, Carl Ellison wrote:
> > Of course.  This isn't the base case.  We would have some keys which I sign
> > based on my own personal knowledge; things handed to me by people I know;
> > some possibly published in the paper where the real key owner would see the
> > claim and be able to contest it.
> 
> You are making the same erroneous assumption that Phil made when he
> designed the Web of trust:  You assume that it is important and 
> interesting to link key ID's to physical bodies.  This is usually
> not the case:  Linking key ID's to home web pages etc is not only 
> easier -- it is also usually more interesting and important.

Not if you're encrypting a Credit Card transaction to ship physical 
goods.  In that case, I'm going to certainly want to link a key ID to a 
physical body (or at least address) if I'm the seller, so as to limit 
liability as best I can.

While this might not ultimately be important, early adopters of crypto on 
the net seem in general to be financially interested with an eye to limiting 
liability. They want linked keys.

There's a public-relations aspect to crypto which most systems not 
linking name -> key id fail.  This is the step necessary to get it out 
the door.

Unfortunately, it also appears counter to CP philosophy.

However, if you have optional linking of ID and name, shippers will only 
ship to keys with such attributes. Because just ID and address, it could 
be a "hit and run" type attack shipped to a safe maildrop.

Jon
------------------------------------------------------------------------------
Jon Lasser                <jlasser@rwd.goucher.edu>            (410)494-3072 
          Visit my home page at http://www.goucher.edu/~jlasser/
  You have a friend at the NSA: Big Brother is watching. Finger for PGP key.






Thread