From: bryce@digicash.com
To: “E. ALLEN SMITH” <EALLENSMITH@ocelot.rutgers.edu>
Message Hash: 00e9baf5d549a3da23df2ad5d2819d4330a1427d9296385b615133b4e594790c
Message ID: <199604281539.RAA10757@digicash.com>
Reply To: <01I3X9N6RA1W8Y50LP@mbcl.rutgers.edu>
UTC Datetime: 1996-04-28 20:18:44 UTC
Raw Date: Mon, 29 Apr 1996 04:18:44 +0800
From: bryce@digicash.com
Date: Mon, 29 Apr 1996 04:18:44 +0800
To: "E. ALLEN SMITH" <EALLENSMITH@ocelot.rutgers.edu>
Subject: Re: arbiter/escrow agent for hire
In-Reply-To: <01I3X9N6RA1W8Y50LP@mbcl.rutgers.edu>
Message-ID: <199604281539.RAA10757@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
E. Allen Smith <eallensmith@ocelot.rutgers.edu> wrote:
(> Bryce wrote:)
> >1. Acceptable digital signature upon the "bet statement"
> >from each bettor. (Note that PGP signatures from PGP key
> >pairs which are not connected to me via the Web of Trust, or
> >which are not verifiable by me via an out-of-band
> >connection, are not acceptable digital signatures. This is
> >because of the MITM attack problem, not because I need True
> >Names to be connected to the signatures.)
>
> IIRC, currently Black Unicorn doesn't have any signatures on
> his public key of others. Therefore, this requirement, while understandable,
> could cause a bit of a difficulty in the current situation.
Hm. This is a toughie. For one it would help if Black
Unicorn had a "pseudonym keysignature" from someone who had
a Web O Trust link to me. This would make me more certain
that a hypothetical man in the middle between me and the
rest of you wasn't able to impersonate Black Unicorn. Of
course, such a MITM could still impersonate Black Unicorn by
being between Uni and the rest of us. It would help if Uni
made a habit of publishing his true public key via various
difficult-to-intercept channels, but of course we can't
_know_ whether Uni is doing that or not in any case.
Yeah, it's hard to gain trust in the absence of a Mitch (a.k.a.
MITM) between Uni and us. It is feasible, for my purposes,
though. We could tie Uni's ostensible pubkey to the Web of
Trust. We could assume that Uni is resourceful enough to
publish his own pubkey via difficult-to-intercept channels,
to check his own pubkey, and to broadcast a warning if any
active attack is detected. Then as time passed we could
gain trust in the lack of an active attack on that pubkey.
Currently neither the first (add key to WoT) nor the second
(believe that Uni is actively trying to propagate/check his
key) step is working...
Regards,
Bryce
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2
iQB1AwUBMYORSEjbHy8sKZitAQGXkAMAvU13aY2pzagOtSoYSomvO2tYzZBNZzUw
4Ke8a4tprEOP7r+nkXLH0EJgDEG4OSBzj3FmpxJ6OrMnsb/qDo0vXfI/GlIal0/j
J2z+LxOQvoSOMRKvydZUA/8Wc64+gKYH
=x3Nm
-----END PGP SIGNATURE-----
Return to April 1996
Return to “Sandy Sandfort <sandfort@crl.com>”