[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Identity certification (was Re: ANNOUNCEMENT: SPKI ...)

>At 11:22 2/26/96, Jueneman@gte.com wrote:
>>I'm just saying all this in the spirit of "been there, done that."
>I, for one, look forward to your comments, based on your years of experience,
>on the proposal I put forth earlier today.
>        [http://www.clark.net/pub/cme/html/cert.html]

I'll download it as soon as I can get a break.
>This presupposes that you have a Bill Smith in mind, from meeting him
>in the physical world, and you're looking for his key.  In fact, I believe
>you're describing the X.500 problem, not the X.509 problem.  That is, I knew
>someone once and want to find them on the Internet.  Once I've found them,
>it's relatively easy to find a public key for them.

>In a way, I think the paragraphs of yours I quoted above are anachronistic.
>Most of my friends for whom I need public keys are people I've met online.
>I've never met them in the physical world, so I have no way to distinguish
>one Bill Smith from another.
>I know them only through their written words.
>If these people digitally signed their messages, then the public key
>associated with those signatures is the very best unique name for these
>individuals.  It belongs to the mind which composed the words by which
>I came to know this person and is a far more direct, solid, immediate
>link to that "person" I came to know than would be any name tied to the
>physical world.

Yes, that is certainly true for many applications. I correspond with many 
people I have never met and probably never will meet, as far away as Australia. 
At that level, it is like arguing whether William Shakespeare or someone else 
wrote a particular sonnet. Who really cares (unless you want to put a rose on 
his gravestone) -- he wasn't even consistent in the way he spelled his name 
himself. But his thought patters, word usage, and many other subtle clues allow 
you to tell with reasonable certainly that the same author wrote most if not 
all of the different works ascribed to him.

So in that sense we don't need a "real" identity, at least at first -- we just 
need assured continuity. (No one knows you're a dog on the Internet. Until the 
first date!) The same is (almost) true for some banking and credit card 
applications -- no one cares what your name really is, so long as you keep 
paying the bills. But if you stop paying, then they ARE going to care, and that 
is when life starts to get a little messy.

And if you want to extend some of these applications a little further to 
include business letters, then identity (at least the kind of identity you 
derive from your association with an organization) does matter. And if you 
extend it further yet, to the point of acting as a purchasing agent or a 
contracting officer, then your identity matters a lot more. 

You could validly claim that it isn't the identity that is so important, but 
rather the role you play. I wouldn't argue with you there, but conventionally 
we sign such documents with our names, and if we have a formal title or role, 
with that title or role.
>[The ones I know physically, I obtain keys from in person, for the most part.
>The few remaining can establish their identities, for my purpose, by telling
>me things only the two of us know, over a secure channel.  So, even in this
>case where I have physical-world references to a given person, I don't
>need a Distinguished Name.]
> - Carl

Would I be correct that it isn't the existance of a Distinguished name in a 
certificate that bothers you as much as the content?

Suppose your DN were c=us, o=CertsRsus, serialNumber=12324567890, or 
equivalently 123456.7890@compuserve.com, would that make you happy?

And then you can put whatever you like in the alternateName, from Carl Ellison 
to Snoop Doggy Dog. Would that make you happy? (I'd like to see a 
differentiation made between someone's "real" name and a moniker, but that is a 
rather small point, and something that could easily be distinguished with a 
different X.509 attribute. (Without a distinction in the encoding, it would be 
more difficult to syntactically distinguish between Webb Augustine and Web 

Of course if you use that certificate to sign the deed to your house the bank 
may not accept it, but so what -- use another certificate for such purposes.

As I said, I'll read your contribution as soon as I can. But does this make any 
sense to you?


Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254

"The opinions expressed are my own, and may not 
reflect the official position of GTE, if any, on this subject."