[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Identity certification (was Re: ANNOUNCEMENT: SPKI ...)
>At 11:22 2/26/96, Jueneman@gte.com wrote:
>
>>I'm just saying all this in the spirit of "been there, done that."
>
>I, for one, look forward to your comments, based on your years of experience,
>on the proposal I put forth earlier today.
>
> [http://www.clark.net/pub/cme/html/cert.html]
I'll download it as soon as I can get a break.
>
>This presupposes that you have a Bill Smith in mind, from meeting him
>in the physical world, and you're looking for his key. In fact, I believe
>you're describing the X.500 problem, not the X.509 problem. That is, I knew
>someone once and want to find them on the Internet. Once I've found them,
>it's relatively easy to find a public key for them.
>In a way, I think the paragraphs of yours I quoted above are anachronistic.
>
>Most of my friends for whom I need public keys are people I've met online.
>I've never met them in the physical world, so I have no way to distinguish
>one Bill Smith from another.
>
>I know them only through their written words.
>
>If these people digitally signed their messages, then the public key
>associated with those signatures is the very best unique name for these
>individuals. It belongs to the mind which composed the words by which
>I came to know this person and is a far more direct, solid, immediate
>link to that "person" I came to know than would be any name tied to the
>physical world.
Yes, that is certainly true for many applications. I correspond with many
people I have never met and probably never will meet, as far away as Australia.
At that level, it is like arguing whether William Shakespeare or someone else
wrote a particular sonnet. Who really cares (unless you want to put a rose on
his gravestone) -- he wasn't even consistent in the way he spelled his name
himself. But his thought patters, word usage, and many other subtle clues allow
you to tell with reasonable certainly that the same author wrote most if not
all of the different works ascribed to him.
So in that sense we don't need a "real" identity, at least at first -- we just
need assured continuity. (No one knows you're a dog on the Internet. Until the
first date!) The same is (almost) true for some banking and credit card
applications -- no one cares what your name really is, so long as you keep
paying the bills. But if you stop paying, then they ARE going to care, and that
is when life starts to get a little messy.
And if you want to extend some of these applications a little further to
include business letters, then identity (at least the kind of identity you
derive from your association with an organization) does matter. And if you
extend it further yet, to the point of acting as a purchasing agent or a
contracting officer, then your identity matters a lot more.
You could validly claim that it isn't the identity that is so important, but
rather the role you play. I wouldn't argue with you there, but conventionally
we sign such documents with our names, and if we have a formal title or role,
with that title or role.
>
>[The ones I know physically, I obtain keys from in person, for the most part.
>The few remaining can establish their identities, for my purpose, by telling
>me things only the two of us know, over a secure channel. So, even in this
>case where I have physical-world references to a given person, I don't
>need a Distinguished Name.]
>
> - Carl
Would I be correct that it isn't the existance of a Distinguished name in a
certificate that bothers you as much as the content?
Suppose your DN were c=us, o=CertsRsus, serialNumber=12324567890, or
equivalently 123456.7890@compuserve.com, would that make you happy?
And then you can put whatever you like in the alternateName, from Carl Ellison
to Snoop Doggy Dog. Would that make you happy? (I'd like to see a
differentiation made between someone's "real" name and a moniker, but that is a
rather small point, and something that could easily be distinguished with a
different X.509 attribute. (Without a distinction in the encoding, it would be
more difficult to syntactically distinguish between Webb Augustine and Web
Server.)
Of course if you use that certificate to sign the deed to your house the bank
may not accept it, but so what -- use another certificate for such purposes.
As I said, I'll read your contribution as soon as I can. But does this make any
sense to you?
Bob
Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254
Jueneman@gte.com
1-617/466-2820
"The opinions expressed are my own, and may not
reflect the official position of GTE, if any, on this subject."