From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 30f23ffbcda54c873580be168685423bcaaaa4b7de2ae6bceab4ece07e3113a2
Message ID: <aceb57071f0210045a46@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-12-06 22:24:36 UTC
Raw Date: Wed, 6 Dec 95 14:24:36 PST
From: tcmay@got.net (Timothy C. May)
Date: Wed, 6 Dec 95 14:24:36 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
Message-ID: <aceb57071f0210045a46@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain
This is a VERY positive idea!
At 3:54 PM 12/6/95, Peter Trei wrote:
>Actually, I've been thinking about this quite a bit recently. I'm building
>an SSL enabled server, and clent-side authentication may provide
>some help. I could see a user getting his or her public key certificate
>signed with different CA keys which assert any number of conditions,
>such as:
>
>Key holder was born before (some particular date).
>Key holder has access to sales data for XYZ corp.
>Key holder is an adult who takes the first amendment seriously.
>
>... and the server would recognize different CA signatures as permitting
>different levels of access.
This is something that could get two things done:
1. Protect ISPs and Web sites from claims they aren't taking any steps to
block children. (I won't get into the "children should be allowed to
appreciate the beauty of the human body" issue, just noting that an ISP or
Web site could deny access to account holders under 18, or over 30, or
whatever he wants to do.)
2. Get wider currency for the concept of digitally signed credentials,
especially if these are _blinded credentials_, where the credential is for
an age, say, and not an identity. (Standard Chaumian stuff, though likely
to be nontrivial to implement.)
>If your browser permitted you to select the key certificate used in
>setting up the encrypted link (and different certs or sets of certs
>could be protected with different passphrases), then Mom or Dad
>could use their I-am-an-adult credential to read www.xxx.com,
>while Junior could not. There *is* a loss of anonymity in this scheme,
>however.
There may be ways around the loss of anonymity. Ideally, with blinded
credentials, But in the short term, through Web proxies and/or servers.
For example, Sameer's c2.org could issue accounts to people who can prove
they are over 18 (notarized copies of birth certif., passport, etc.).
Sameer's system would then have a credential saying "this account name is
over 18."
(There is of course little that can be done about people who lend their
accounts to minors, absent any effective biometric security measures. No
current system, certainly not Exon-Coates, can deal with this.)
>I realize that digital credentials are old hat on this list. The point I am
>making is that the pieces for doing this are here - we just need to
>assemble them.
>
>(This is not to suggest that I am in favor of Exon/Coates in any way -
>I am not. )
I think this could be quite a good project, provided it is not trying to be
all things to all people.
--Tim May
Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
Return to December 1995
Return to “tcmay@got.net (Timothy C. May)”