[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Subject signing redux (was: Re: Mary is Mary)

egerck@laser.cps.softex.br wrote:
>1. Engineer, don't suppose:
>As once said, law is no substitute for engineering.

You cannot engineer social custom and attempts to avoid it through
engineering are doomed to failure.  That is what law is for...

>I would
>like to hear what's so bad about Mary signing -- protocol-wise --
>that would make it so difficult to close this security hole..

It adds additional complexity (more sigs to be checked and more effort
to set up the cert in the first place) for little gain.  This seems in
conflict with the "Simple" part of this group's charter.  If it is not
an absolute necessity, avoid it.

>2. The attack: 
>The attack is "framing Mary".
>If Jon lied how can Mary prove she did NOT agree and now is just
>trying to avoid trouble? How can Mary prove she did not lie? If she would
>be required to co-sign, then she could *prove* she did not lie.
>[much convolution and detail deleted.]

"Jon said X"
"Did not."
"Did too."

We couldn't solve these problems in childhood when they first appeared
and most of us have since accepted the fact that there are various form
of legal remedy when sufficient money is at stake and social remedies for
other cases.  I think that is you check with legal scholars you will find
that the "real world" has not dealt with this problem any better than
what is being proposed here.  This leads us back to the engineers maxim that
if it ain't broke, don't fix it.


Follow-Ups: References: