[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: one-body, one-cert

At 12:04 PM 10/21/96 -0700, Hal Finney wrote:
>> As soon as you have a second is-a-person CA, you have given a miscreant a
>> second chance to do evil -- right?
>I'm not sure exactly what you mean.  As I see it, the is-a-person
>credential is primarily used by a service which wants to make sure
>that all of its users are unique.  Your voting example is a good one.
>Now suppose some issuer of such credentials was evil and refused to
>issue a credential to some person.  If there were a competing CA, the
>person could get a credential from that other one.  

Yes.  This protects me from the evil CA.  However, the original posting
person wanted to make sure that once he had seen bad behavior on my part
(where "I" am identified by my DNA) that every future use of any key by me
will gain me no access to his service.

I believe these two desires are fundamentally opposed -- irreconcilable.
If someone does a bad thing with some key I'm supposed to control, then I
want to be able to write that key off and get another one to give me
access.  If *I* do the bad thing, then he doesn't want me ever to get
access again.

This is resolvable only if we have a way to detect the DNA behind the actor
-- but we don't.  All we have are keys which a person controls -- until he

 - Carl

|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |