
Re: Man in the middle attacks

On Tue, 5 Mar 1996, Carl Ellison wrote:

> The way identity-based certificates break the Eve scenario is by second
> channels other than the certificate hierarchy.  The flaw in the whole MITM
> argument is the assumption that any one of us can be held in a dark room
> and fed connectivity to the outside world through a single pipe which one
> eavesdropper can control.  It's an interesting theoretical scenario for
> prompting discussion, but it comes back to a philosophical question:
> if you have Bob locked in Eve's attic, does Bob exist apart from [Bob,Eve]?

That depends on whether or not you've only dealt with Bob online, or, 
alternatively, when Bob got locked in Eve's attic. You posit that Bob was 
locked in Eve's attic before you met Bob. In that case, Bob cannot exist 
(for you) apart from [Bob, Eve].

However, if you've met Bob in person once or twice, especially BEFORE you 
met Bob online, there is a very clear difference.

The question is not merely persistence of identity, but consistency of 
identity.  (i.e., is Bob the same Bob that he was before he was in Eve's 
attic?)  I think this may be an important concept which has been 
more-or-less overlooked, but I'm just wrapping my mind around it now...

Keys and signatures solve persistence of identity. 

Certificates are intended to solve consistency of identity.

Jon Lasser (410)494-3072                         - Obscenity  is a crutch  for
jlasser@rwd.goucher.edu                            inarticulate motherfuckers.
Finger for PGP key (1024/EC001E4D)               - Fuck the CDA.