[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: global names are a security flaw

To: Ed Gerck <egerck@laser.cps.softex.br>
Subject: Re: global names are a security flaw
From: Carl Ellison <cme@cybercash.com>
Cc: spki@c2.net
In-Reply-To: <Pine.LNX.3.95.971205064816.1304I-100000@laser.cps.softex.br>
References: <3487283D.185F@trsvr.tr.unisys.com>

-----BEGIN PGP SIGNED MESSAGE-----

At 07:18 AM 12/5/97 -0200, Ed Gerck wrote:
>3. "the kind of problem Carl described" could just as well be exemplified 
>   with local names. It is due to a poor protocol, not to a poor naming
>   scheme. It has nothing to do with a "flaw" of global names. 

That flawed protocol was derived without straining (using known human 
behavior) from the existence of common names inside a DN in an old style 
PKI.  Sure you could contrive a flawed protocol with local names, if names 
in the local name space were to take the form of DNs and there were to be 
too many names in it, for example.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3

iQCVAwUBNI7NxRN3Wx8QwqUtAQEAyQP/ddFasPZN3x87s4SIq9fFU9WFfypQ1UZ8
eycVvwTGj29E153EVjuFUHKYNjHmXjmDEyiLWlSkpHj6alXGTpNnQAO9oL3PR7Qk
xwwMZdy8TMX/sqASucT07bHjEXV+E2NXEixmEI/n1VTDWN/jSLgF+bYyA+6sEBr1
d7lCmjWvkZc=
=kKbo
-----END PGP SIGNATURE-----

References:

Re: global names are a security flaw

From: Bill Buffam <bjb@trsvr.tr.unisys.com>

Re: global names are a security flaw

From: Ed Gerck <egerck@laser.cps.softex.br>

Prev by Date: Re: global names are a security flaw
Next by Date: Re: global names are a security flaw
Prev by thread: Re: global names are a security flaw
Next by thread: Re: global names are a security flaw
Index(es):
- Main
- Thread