[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SDSI name interpretation
At 05:04 PM 6/14/96 -0400, hallam@Etna.ai.mit.edu wrote:
>
>>I have to come down on the side of SDSI's original scheme. What you're
>>asking for is covered by SDSI as (rsa.com's DNS's verisign.com) which is
>>probably the same as (openmarket's DNS's verisign.com).
>
>No, this is not the same at all. You are assuming that the party rsa considers
>to be DNS is the same party as the one I consider to be DNS.
Phill,
I think it's the other way around. I believe *you* are assuming that each of us sees the same DNS. The SDSI way of writing that at least inspires the question: "Does (rsa.com's DNS) = (openmarket.com's DNS)?" Furthermore, the question can be answered. By comparing the public key of (rsa.com's DNS) to the public key of (openmarket.com's DNS), I can learn definitively that they're the same, assuming the public keys are. If they're not, I can ask RSA and Openmarket for clarification -- possibly warning them that one of them may have been spoofed in a very serious way.
>The distinction is between the party that X calls Y and the party that X
>believes to be generally known as Y.
I just don't buy the "X believes to be generally known as Y" construct carries the same solidity as "X calls Y". The "generally known as" construct assumes there is a global, shared name space. Outside of Bill Clinton and a handful of others, I don't know who else would be in that name space.
>The problem with the private namespaces approach is that the namespace is
>unbounded even for a finite number of participants.
>
>
>I think that the use of relative names needs to be confined to the one area
>where they are relevant - the establishment of the Web of trust itself.
>Unless there is a clear principle that the parties are all seeking to establish
>a common binding to a particular name I don't see that there is much value in
>the process.
I think we are forced by human nature to use relative names for everything. To me, this is like Einstein's Relativity. There *is* no global name space.
- Carl
From ???@??? Sat Jun 15 11:33:22 1996
Return-Path: <owner-spki@c2.org>
Received: from callandor.cybercash.com (callandor1.cybercash.com) by cybercash.com (4.1/SMI-4.1)
id AA02167; Fri, 14 Jun 96 19:05:10 EDT
Received: by callandor.cybercash.com; id TAA23585; Fri, 14 Jun 1996 19:01:59 -0400
Received: from infinity.c2.org(140.174.185.11) by callandor.cybercash.com via smap (V3.1)
id xma023583; Fri, 14 Jun 96 19:01:49 -0400
Received: (from daemon@localhost) by infinity.c2.org (8.7.4/8.6.9)
id PAA13166 for spki-outgoing; Fri, 14 Jun 1996 15:55:30 -0700 (PDT)
Community ConneXion: Privacy & Community: <URL:http://www.c2.net>
Message-Id: <2.2.32.19960614225647.008b7b34@cybercash.com>
X-Sender: cme@cybercash.com
X-Mailer: Windows Eudora Pro Version 2.2 (32)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Fri, 14 Jun 1996 18:56:47 -0400
To: hallam@Etna.ai.mit.edu
From: Carl Ellison <cme@cybercash.com>
Subject: Re: SDSI name interpretation
Cc: spki@c2.org, hallam@Etna.ai.mit.edu
Sender: owner-spki@c2.org
Precedence: bulk
At 05:04 PM 6/14/96 -0400, hallam@Etna.ai.mit.edu wrote:
>
>>I have to come down on the side of SDSI's original scheme. What you're
>>asking for is covered by SDSI as (rsa.com's DNS's verisign.com) which is
>>probably the same as (openmarket's DNS's verisign.com).
>
>No, this is not the same at all. You are assuming that the party rsa considers
>to be DNS is the same party as the one I consider to be DNS.
Phill,
I think it's the other way around. I believe *you* are assuming
that each of us sees the same DNS. The SDSI way of writing that at least
inspires the question: "Does (rsa.com's DNS) = (openmarket.com's DNS)?"
Furthermore, the question can be answered. By comparing the public key of
(rsa.com's DNS) to the public key of (openmarket.com's DNS), I can learn
definitively that they're the same, assuming the public keys are. If
they're not, I can ask RSA and Openmarket for clarification -- possibly
warning them that one of them may have been spoofed in a very serious way.
>The distinction is between the party that X calls Y and the party that X
>believes to be generally known as Y.
I just don't buy the "X believes to be generally known as Y" construct
carries the same solidity as "X calls Y". The "generally known as"
construct assumes there is a global, shared name space. Outside of Bill
Clinton and a handful of others, I don't know who else would be in that name
space.
>The problem with the private namespaces approach is that the namespace is
>unbounded even for a finite number of participants.
>
>
>I think that the use of relative names needs to be confined to the one area
>where they are relevant - the establishment of the Web of trust itself.
>Unless there is a clear principle that the parties are all seeking to
establish
>a common binding to a particular name I don't see that there is much value in
>the process.
I think we are forced by human nature to use relative names for everything.
To me, this is like Einstein's Relativity. There *is* no global name space.
- Carl
+--------------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+--------------------------------------------------------------------------+