[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: non-key-sharing

To: Bob Jueneman <BJUENEMAN@novell.com>
Subject: Re: non-key-sharing
From: Carl Ellison <cme@cybercash.com>
Date: Mon, 17 Nov 1997 00:34:48 -0500
Cc: Bob.Smart@cmis.CSIRO.AU, cme@cybercash.com, frantz@netcom.com, spki@c2.net
In-Reply-To: <s461a4e6.047@novell.com>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

At 11:06 AM 11/6/97 -0700, Bob Jueneman wrote:
>Bill has raised a couple of interesting points, which have mirrored some of
>my concerns on the DIGSIG board.
>
>The case of the husband who shares his private key with his wife for access
>to their joint checking account is precisely the example I used to highlight
>a hidden danger.  What happens if you are Jack Kent Cook, and your wife
>doesn't happen to like the terms of your most recent will.  Unknown to you,
>she writes a codicil to you will and signs it using your private key, which
>you gave to here to access your joint checking account (the household
>account, which probably only had a mere million or two in it -- not the main
>Daddy War bucks account).  Are you going to come back from the grave and
>repudiate that usage?
>
>The over-18 certificate is another interesting case that violates the normal
>assumption that no one in their right mind would share their private key. 
>Even if the certificate could not be used to actually purchase anything,
>there might be a substantial market for such a certificate just to access
>free porn bulletin boards and chat rooms that were age restricted.
>
>Both of these examples are cases where the combination of digital signature
>certificates and biometrics would be useful.

It would be useful to know what human was the (keyholder(k1)) at the time of 
a given signature.  We have a name for such a mechanism:  a notary.

So, for this usage, we want a digital signature machine which can be trusted 
to prove that a given biometric individual was operating the machine at the 
time of the signature.  That notary machine needs to be identified in the 
signed document and we need proof that the notary machine wasn't spoofed.  
That takes another level of notary, ....

With humans, operating in small closed communities, giving oral testimony -- 
the case under which our law was created and for which our practices remain 
consistent -- there was no question about spoofing of notaries.  If you 
allow that possibility, what happens?

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBNG/XeBN3Wx8QwqUtAQE0hQQAgd1mSmKBjSeen9n0mmTh3ZnMf68lwqjB
a+jXLsJks8PyTX7kgYRVdHw/WTwbOrIwLHwlitSKeSRGxZhHvB+ew5xwedUV9EMY
g+wRd1KfuPRkYTKUWPxjzTd66vKCGSqlzz7Og0RB1zm7nCOZ/gBC8dNmWQPg/MnN
QQryxXLU144=
=c04F
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

References:

Re: non-key-sharing

From: Bob Jueneman <BJUENEMAN@novell.com>

Prev by Date: Re: matter of semantics
Next by Date: Re: Validity periods can be handled more explicitly
Prev by thread: Re: non-key-sharing
Next by thread: Re: non-key-sharing
Index(es):
- Main
- Thread