[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SKIP fails anonymity

To: ipsec@ans.net
Subject: SKIP fails anonymity
From: "William Allen Simpson" <bsimpson@morningstar.com>
Date: Wed, 15 Nov 95 04:58:42 GMT

> Date: 14 Nov 95 11:22:25 -0800
> From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>
> Subject: WG Last Call for SKIP I-D
>
SKIP fails to provide adequate anonymity.

In order to scale, SKIP certificates will need to be widely available,
making it easy to compile a world-wide database.  The name space must be
searchable for deployment to scale.

Use of a hash, public-value, or other index to identify the master key
is easily searched among all known master certificates.  The type of
certificate used is transparently identified in the SKIP header.

Protection of anonymity by private manual configuration and/or assuming
very large and unsearchable name spaces (page 15) is unacceptable.

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2

Prev by Date: Re: editorial on Photuris
Next by Date: SKIP has no Perfect Forward Secrecy
Prev by thread: SKIP fails anti-clogging
Next by thread: SKIP has no Perfect Forward Secrecy
Index(es):
- Main
- Thread