[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Subject signing redux (was: Re: Mary is Mary)

From: Carl Ellison <cme@cybercash.com>
>I fear you've fallen into the trap of believing the X.509 thinking.  We never 
> claimed to tie something to Mary through her name.
>  [...]
> 	If you also want to map from (K) to (keyholder (K)) -- ie., from the key space 
> to the person in 3D space, you need one of those other certificates (e.g., a 
> donation cert or a subpoena cert) I was talking about before this all started.

Doesn't matter whether you use SPKI 1.0 certs with no name, or SDSI/SPKI
certs with issuer-local names.

If you operate purely in keyspace, then as others have pointed out, you
can't send a key to jail.  But you as a verifier still have to trust
Jon to issue "lawyer" certs only to those humans who have demonstrated
to Jon's satisfaction that they deserve them, and to no one else.

When the subpoena request comes in to Jon, asking him to produce the
body to whom he issued the cert, he can still lie and claim that Mary
has a key that she never had.  Requiring keyholders to sign certs does
not protect keyholders from being framed by dishonest issuers.