[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: identity protection and DOS
Michael Thomas <mat@cisco.com> writes:
> I'm 99% certain we've entered a rathole here because
> we got here by way of saying that public key certs
> might contain private information on them. I still
> find that a highly dubious proposition, regardless
> of whether you think that transactional identity
> hiding is a good idea.
It doesn't matter, to me, whether the certs contains public
information or not -- they provide linkability which does not
otherwise (necessarily) exist. If my IP address is constantly
changing (yea, Cablemodems) then someone viewing my transactions has
no linkability between address changes. Providing access to the PK
cert gives them linkability, even if all the information is public.
> > What added expense? One round-trip and a DH? Sorry, that
> > doesn't sound very expensive to me. Moreover, it isn't even
> > an extra round-trip; it's only one-half a round trip:
>
> It also brings in the expense of doing DH's
Um, please re-read what I said: "One round-trip and a DH". Are you
saying that there are multiple DHs? I already accounted for one and
maintain that one DH is not too expensive.
> Mike
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
References: