[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mary is Mary

Carl Ellison wrote:
> At 05:27 PM 6/20/97 -0300, E. Gerck wrote:
> >Your answer of course correct but misses the issue. What I meant is
> >exactly the phrase I wrote:
> >"has no way of knowing that Mary *is* Mary"
> >and not that "Mary is called Mary". This is not a play on words and that's
> >why I chose the name Mary -- it's certainly not singular, not a DN.
> >
> >The question is not the name. If you want legal responsibilities or, at
> >least, accountability, then you must have a way to bind the authorization
> >to an accountable entity and not to a key. A key cannot yet be persecuted
> >and go to jail.
> I think we are in violent agreement.  A key can not be sent to jail.  Neither
> can a name.  Neither can a name and address (if the person moves and/or changes
> names).  What is needed is what I call a "subpoena certificate".

   Please, could you explain "subpoena certificates" with details or refer
  some document where I can read about them?

> It maps from cyberspace to 3D space (not from 3D space to cyberspace, the way
> X.509 and original SDSI do) and the signer (presumably a company which is a
> process server by profession) promises to track down the keyholder indicted and
> serve legal papers on him/her.  The subpoena certificate needs only an index
> number inside, assigned by the process server company (so they can access their
> files) and that company would prefer such an anonymous subpoena certificate (so
> that competing process serving companies can't ride on their certificate).

   I don't feel comfortable with the idea that commercial companies can play the
role of authentication agents. I think that many others will agree with me that
commercial companies are not the best option for this purpose.

> The subpoena certificate is part of SPKI, not of SDSI or X.509 -- but since
> SDSI and SPKI have merged, it is part of SDSI/SPKI 2.0.
> ...
> This is semantics.  As long as I define "(keyholder K)" as "whoever holds the
> private key corresponding to K", any reference to (keyholder K) identifies
> the correct person by definition.  That doesn't mean you can find the person
> to submit legal papers, of course.  That's the added-value of the
> process server company -- not just locating the person at the time the cert
> is signed, but making sure that person can be found later when the contract
> is violated and legal action must commence.  This takes work on the PS's part
> and for that work, the PS should collect a fee.
>  - Carl
> +------------------------------------------------------------------+
> |Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
> |CyberCash, Inc.                      http://www.cybercash.com/    |
> |207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
> |Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
> +------------------------------------------------------------------+

   Once again PS are not the right choice. Fees are one of the reasons but not
the most important one. I feel that people in this workgroup should try to find
the best solution to the problems forgetting that they work for commercial

   This is just the point of view of someone that doesn't want to depend on
companies services to use Internet. Please, let me know your opinion. I have some
interesting alternatives regarding identity certificates and PKIs. 
                         ( o o )
  !           _   ,                                        !
  ! Antonio Mana Gomez               eMail: amg@lcc.uma.es !
  !                                                        !
  ! http::/www.lcc.uma.es/personal/mana/mana.html          !
  ! http::/www.lcc.uma.es/iswg.html                        !
  !                                                        !
  ! Departamento de Lenguajes y Ciencias de la Computacion !
  !        E.T.S.I.Informatica.    Desp. 1.2.B.19          !
  !                Campus de Teatinos.                     !
  !               29071 MALAGA (SPAIN)                     !
  !                                                        !
  ! Phone: (+34) 5 213 27 54        Fax: (+34) 5 213 13 97 !