1997-12-08 - Re: WoT discussions, Trust for Nyms

Header Data

From: “Arnold G. Reinhold” <reinhold@world.std.com>
To: Adam Back <smith@securecomputing.com
Message Hash: bf69d4310ab3e0af9f31950b78032ea8807277f5b76fa72fafdfb281eba89636
Message ID: <v03110702b0b1db4cc9b3@[24.128.40.70]>
Reply To: <v03007800b0ae121c8f4c@[172.17.1.150]>
UTC Datetime: 1997-12-08 17:56:43 UTC
Raw Date: Tue, 9 Dec 1997 01:56:43 +0800

Raw message

From: "Arnold G. Reinhold" <reinhold@world.std.com>
Date: Tue, 9 Dec 1997 01:56:43 +0800
To: Adam Back <smith@securecomputing.com
Subject: Re: WoT discussions, Trust for Nyms
In-Reply-To: <v03007800b0ae121c8f4c@[172.17.1.150]>
Message-ID: <v03110702b0b1db4cc9b3@[24.128.40.70]>
MIME-Version: 1.0
Content-Type: text/plain



At 12:06 AM +0000 12/6/97, Adam Back wrote:>
>
>Another lower bandwidth method of making the MITM's job harder is to
>sign and/or publish hashes of public key databases -- download the
>keys, or some useful easily definable subset of keys on keyservers,
>and publish the hash of them in as many media as possible (web,
>finger, news, mail, newspapers, etc.)
>

I have always felt this to be a nearly complete and practical answer to
MITM attacks. Frozen versions of major key databases would be made
available on the net along with a master list of hashes. The hash of that
master list would be widely distributed by electronic and non-electronic
means. One would only have to do it periodically, say every year or two.
Why can't this be done now?

A public billboards would be a good location to post the master hash.  (I
like to call the whole approach the "Billboard defense.") I suspect one
could rent visible space on the back side of billboards quite cheaply.
Another good location would be on a bulletin board near a publicly
accessible library. The MIT "infinite corridor" comes to mind.

A variant is for PGP users to post their own fingerprint near their house
or place of business. A business-card-size sign in a window near the front
door would do. People who agree to post such signs would be identified in
the key server database. A suspicions John could then look up a suitable
public key holder in their area, visit their house, and verify the
fingerprint. John would then e-mail an encrypted request to verify a
suspect key to that person.

>Let's say John buys a book on cryptography, and the author included
>his fingerprint.  Then John could use this person to authenticate a
>key with Alice.  He could write to the author, including a nonce with
>the plaintext, and ask the author to check that the key he thought
>belonged to Alice really did belong to her.
>

My PGP fingerprint is printed on page 232 of E-mail for Dummies, 2nd
edition, IDG Books Worldwide, which I co-authored.

Arnold Reinhold







Thread