[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI and key distribution

At 03:22 PM 5/7/96 -0700, Wei Dai wrote:
>Alice and Bob meet at a party.  They want to exchange public keys, but
>Alice forgot to bring her business card.  Memorizing a 160-bit hash can be
>somewhat cumbersome, even if they are nicely encoded.
>Let me propose a simple solution to this problem: a secure public database
>that allows lookup using arbitrary octect strings. [...]  When
>she meets Bob, she can just say, "My public key is ARB!!'s Alice."
>The idea here is that ARB's local names are completely arbitrary and does
>not necessarily have any relation to any other names (e.g., trade marks or
>legal names).  They serve only as indices to the Principal: objects.

Sounds good, but isn't this already what happens when I say:

finger me at cme@clark.net -- my key is there?

Finger isn't secure enough.  I'd need clark.net to have a recognized key and
to sign mine -- but ISP name assignments seem to be exactly what you're

 - Carl

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091              Tel: (703) 620-4200                         |