[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Subject signing redux (was: Re: Mary is Mary)
On Wed, 25 Jun 1997, Jim McCoy wrote:
>[much convolution and detail deleted.]
->
-> It adds additional complexity (more sigs to be checked and more effort
-> to set up the cert in the first place) for little gain. This seems in
-> conflict with the "Simple" part of this group's charter. If it is not
-> an absolute necessity, avoid it.
->
No, not at all. Such signature would only be checked if needed, as a
function of risk or cost. Mary is not the issuer, so your point does not
apply.
Also, by including Mary's signature as a subject (NOT the issuer), SPKI
could allow both options: to be or not to be ... checked.
-> We couldn't solve these problems in childhood when they first appeared
-> and most of us have since accepted the fact that there are various form
-> of legal remedy when sufficient money is at stake and social remedies for
-> other cases. I think that is you check with legal scholars you will find
-> that the "real world" has not dealt with this problem any better than
-> what is being proposed here. This leads us back to the engineers maxim that
-> if it ain't broke, don't fix it.
->
In childhood I did not use cryptography either ;-)
Back to the drawing board, I am exactly arguing that it is broken -- there
are several inconsistencies that may pop up when you don't require Mary to
sign **as the subject**.
Yours,
Ed Gerck
______________________________________________________________________
Dr.rer.nat. E. Gerck egerck@laser.cps.softex.br
http://novaware.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil - Fax: +55-19-2429533
Follow-Ups:
References: