1996-05-20 - Re: Senator, your public key please?

Header Data

From: bryce@digicash.com
To: tcmay@got.net (Timothy C. May)
Message Hash: efb9bb809490ee57087deedea19a484f86a5df49bb03c804c7468c738bbc3e79
Message ID: <199605201050.MAA13366@digicash.com>
Reply To: <adc3916e04021004f2b9@[205.199.118.202]>
UTC Datetime: 1996-05-20 15:54:31 UTC
Raw Date: Mon, 20 May 1996 23:54:31 +0800

Raw message

From: bryce@digicash.com
Date: Mon, 20 May 1996 23:54:31 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Senator, your public key please?
In-Reply-To: <adc3916e04021004f2b9@[205.199.118.202]>
Message-ID: <199605201050.MAA13366@digicash.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

 TCMay probably wrote something like:
>
> At 8:38 PM 5/18/96, bryce@digicash.com wrote:
> 
> ...(my points elided)...
> 
> >All of these are products of misconceptions between using the
> >WoT to certify identities, versus using it to certify how much
> >you trust a person to certify someone else's identify, versus
> >using it to certify arbitrary other qualities about a person.
> 
> Bryce, we've differed several times before about the web of trust,
> especially "man-in-the-middle" issues. This looks to be the same sort of
> issue.


Indeed we have, and it verged on philosophical territory, and 
I would really enjoy discussing the issue again with you 
sometime, although perhaps we've gotten about as much as we can 
get out of it in e-mail.


But I think that _this_ issue is a lot simpler, and a lot easier
for us to agree on.  To wit:


> I personally don't see key-signings as mainly useful for verifying the
> "true name" of someone whose key I sign. (I don't check birth certificates,
> passports, driver's licenses, etc.)
>
> Rather, I view _my_ key signings as forms of vouching, or endorsement. Not
> of all views, naturally, but as a statement that the person whose key I am
> signing is someone I know and "trust" (in the sense that the key belongs to
> the person I "know." Thus, I know Eric Hughes, even though he may actually
> be Fritz Kacynski, drop-out math student.


Sure.  For my part, _I_ personally don't see key-signings as
mainly useful for verifying the "true name" of someone.  Rather
I view _my_ key signings as verifying that (for one reason or
other), I believe the owner of the key to be the originator of
the information that is published under that key (= nym).


All I am saying by talking of "misconceptions between using the
WoT to certify identities, versus using it to certify [...]
other qualities", is that each of these different uses of key-
signings are.. well..  _different_, and they shouldn't be
mistaken for one another.


Unfortunately PGP 2 only allows one kind of certificate.  The
"key-signature".  To PRZ and most other people, it is a
certificate asserting a mapping between a key and a true name.
To me it is as I described above.  To TCMay, it is a kind of
endorsement.  It's just too bad that PGP 2 doesn't have
different _kinds_ of certificates to represent these different
assertions.  Until a certificate technology like that is
implemented, and probably even after that time, we need to
avoid confusing these various meanings for "key-signatures".


> I believe different agents will use these belief networks in different
> ways. Some will be focused on the issue of True Names and will calculate
> beliefs on the basis of how much they think the key-signers are being
> diligent enough in checking identities. Others will use belief networks to
> convey trust that one is not a government agent (a practical example being
> the use of PGP and webs of trust in the jungles of Burma, where I am quite
> sure the "keyrings" did not deliberately include government agents,
> regardless of how well they "proved" their identity!
> 
> There is no single ontological interpretation of belief networks.


Well here we have that epistemological issue again.  I believe
that there is a single "proper" or "best" ontological
interpretation of many or most belief networks.  (At least, of 
the belief networks that we care about.)  But skipping that
issue, my point in this post is just that there should be
informtion encoded in these belief nets/WoT's which
differentiates the different kinds.


Note that it is possible to differentiate between two meanings
without admitting that their meanings are meaningfully
ascertainable by humans...


<note: quote out of order>

> Bryce, I respect your views on this and MITM issues, but the fact that we
> view things differently (and that Phil Z. views things differently from
> you, and perhaps from me) should not always be ascribed by you as
> "reflecting lack of understanding."


Hey, maybe I should be more humble, or more gentle, but this is
the Internet, you know?  Here, I'll present a representation of
my internal Bayesian belief network with explicit mention of the
certainty qualifications:

"A.  Since Tim and I view things differently with respect to
this subject, one of us is wrong.
A's certainty: 0.95

B.  I am right.
B's certainty: 0.93

C.  (from A,B)  Tim is wrong.
C's certainty: (from A,B)  0.93*0.95=0.8835"


Now more seriously, the alacrity with which I bring up 
disagreements with Tim should in fact be construed as a measure
of my _respect_ for his opinions and for his mind, rather that
as a lack of respect for same.


Regards,

Bryce




-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: http://www.c2.net/~bryce/ -- 'BAP' Easy-PGP v1.1b2

iQB1AwUBMaBOXEjbHy8sKZitAQGqOQMAg5PBy6raiNd2gyy35h9F5CDGxmFTprE9
Ff55OWlPlY/+LM55+Vby94QJ6Df+pNby8yLmRudGZA7OXNeFArKu11AQyd3OXm6N
mY9RobZQ+t5aawB9CMtGnsR8NvC/LJU0
=wKml
-----END PGP SIGNATURE-----





Thread