[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Eurocrypt'97 rump session talk


At Eurocrypt'97, I gave a short talk on the death of X.500-style PKIs 
(because the namespace is too large, defeating security) and went from there 
to SDSI, as a solution to the namespace problem.

I then mentioned that both X.500/X.509 and SDSI 1.0 shared the same other 
problem -- that they tried to map relationships from 3d space (where people 
speak) into cyberspace (where keys speak), but ignored the other side-effect 
of the net: that relationships are forming in cyberspace and need to be 
mapped entirely within cyberspace (ala SPKI).

I noted that we still need to map from 3D space to cyberspace, ala SDSI, 
occasionally (e.g., for e-mail) -- but now we also need to map from 
cyberspace to 3D space sometimes.

For that purpose, I postulated two forms of certificate, which I labeled 
donation vs. subpoena certificates.

If you want to donate $1,000,000 to me, the (keyholder <k1>), and you want 
to mail a physical check, then you need my mailing address.  The certificate 
that you can trust the most for that purpose is one signed by me, <k1>.

If you want to serve me with legal papers, e.g., a subpoena, then the 
certificate giving my physical address which you can trust the most is 
probably going to be signed by K_p (a process serving company).

 - Carl

Version: 2.6.2


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |