1996-07-19 - Re: Reasonable validation of a software package

Header Data

From: Carl Ellison <cme@ACM.ORG>
To: Michael Froomkin <froomkin@law.miami.edu>
Message Hash: 716b23d53478c3ef9a38a86d064cb0d98a855d9606537d15e1cbc02b001dc2b9
Message ID: <v03007601ae1448b80235@[168.143.8.144]>
Reply To: <31E87985.6EF9@ozemail.com.au>
UTC Datetime: 1996-07-19 04:19:20 UTC
Raw Date: Fri, 19 Jul 1996 12:19:20 +0800

Raw message

From: Carl Ellison <cme@ACM.ORG>
Date: Fri, 19 Jul 1996 12:19:20 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: Reasonable validation of a software package
In-Reply-To: <31E87985.6EF9@ozemail.com.au>
Message-ID: <v03007601ae1448b80235@[168.143.8.144]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:33 -0400 7/13/96, Michael Froomkin wrote:
>This illustrates the need for and role of certification authorities.
>
>See http://www.law.miami.edu/~froomkin/articles/trusted.htm  for some
>info.
>

["this" being the possibility that someone would generate lots of signed
public keys with your name on them]

However, there's nothing to stop generation of many certificates from
trusted CAs with your name on them.  In fact, if you have a name like
Michael Smith, and if a CA is successful, there *will be* lots of
certificates with your name on them, even without anyone's trying to do
anything crooked.

The problem people overlook is that a CA binds a public key to a name but
the name is in the CA's name space.  For me, a verifier, to derive any
value from a certificate binding (key,name), the name has to be in *my*
name space.

If there were such a thing as a global namespace meaningful to everyone,
then we could both use it.  That's the X.500 falacy/pipe-dream.

The fact is, no global name space could be held in one human's mind, so
there's no way a global name space could be meaningful to me.

So, to use a certificate from a CA, I need to map a name from its name
space (DN) into a name in my name space (nickname).  Every time I've looked
at that process, I've had to have a secure channel over which to learn from
the person I call by that nickname what DN he goes by.  If I have that
secure channel, then he could tell me his public key fingerprint ove that
cnnel -- and I wouldn't need the CA.

 - Carl


+------------------------------------------------------------------------+
|Carl M. Ellison   cme@acm.org     http://www.clark.net/pub/cme          |
|PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2|
|  "Officer, officer, arrest that man!  He's whistling a dirty song."    |
+-------------------------------------------- Jean Ellison (aka Mother) -+







Thread