
Re: non-key-sharing



At 10:06 AM -0800 11/6/97, Bob Jueneman wrote:
>Bill has raised a couple of interesting points, which have mirrored some of
>my concerns on the DIGSIG board.
>
>The case of the husband who shares his private key with his wife for access
>to their joint checking account is precisely the example I used to highlight
>a hidden danger.  What happens if you are Jack Kent Cook, and your wife
>doesn't happen to like the terms of your most recent will?  Unknown to you,
>she writes a codicil to your will and signs it using your private key, which
>you gave to her to access your joint checking account (the household
>account, which probably only had a mere million or two in it -- not the main
>Daddy Warbucks account).  Are you going to come back from the grave and
>repudiate that usage?
>
>The over-18 certificate is another interesting case that violates the normal
>assumption that no one in their right mind would share their private key.
>Even if the certificate could not be used to actually purchase anything,
>there might be a substantial market for such a certificate just to access
>free porn bulletin boards and chat rooms that were age restricted.
>
>Both of these examples are cases where the combination of digital signature
>certificates and biometrics would be useful.

I get the feeling that there is an underlying assumption that key pairs are
a scarce resource.  This is certainly not true in the SPKI case, although
it may be in the more general digital signature realm.  In the banking
case, I specifically mentioned the assumption that the key pair used was
specific to the account.

If key pairs are to be considered scarce, what technical and social steps
must we take to make them scarce?  If they are not scarce, then people who
want to "informally delegate" them have no incentive not to share them.  A
modest charge for a cert will only be a modest disincentive.


-------------------------------------------------------------------------
Bill Frantz       | Internal surveillance      | Periwinkle -- Consulting
(408)356-8506     | helped make the USSR the   | 16345 Englewood Ave.
frantz@netcom.com | nation it is today.        | Los Gatos, CA 95032, USA


