[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI and key distribution

To: Wei Dai <weidai@eskimo.com>
Subject: Re: SDSI and key distribution
From: Carl Ellison <cme@cybercash.com>
Date: Tue, 07 May 1996 19:54:02 -0400
Cc: spki@c2.org
Sender: owner-spki@c2.org

At 03:22 PM 5/7/96 -0700, Wei Dai wrote:
>Alice and Bob meet at a party.  They want to exchange public keys, but
>Alice forgot to bring her business card.  Memorizing a 160-bit hash can be
>somewhat cumbersome, even if they are nicely encoded.
>
>Let me propose a simple solution to this problem: a secure public database
>that allows lookup using arbitrary octect strings. [...]  When
>she meets Bob, she can just say, "My public key is ARB!!'s Alice."
>
>The idea here is that ARB's local names are completely arbitrary and does
>not necessarily have any relation to any other names (e.g., trade marks or
>legal names).  They serve only as indices to the Principal: objects.

Sounds good, but isn't this already what happens when I say:

finger me at cme@clark.net -- my key is there?

Finger isn't secure enough.  I'd need clark.net to have a recognized key and
to sign mine -- but ISP name assignments seem to be exactly what you're
suggesting.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091              Tel: (703) 620-4200                         |
+--------------------------------------------------------------------------+

Prev by Date: Re: SDSI syntax
Next by Date: Re: SDSI and key distribution
Prev by thread: Re: SDSI and key distribution
Next by thread: Re: SDSI and key distribution
Index(es):
- Main
- Thread