[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: on the nature of trust

To: Marc Branchaud <marcnarc@xcert.com>
Subject: Re: on the nature of trust
From: Ben Laurie <ben@algroup.co.uk>
Date: Fri, 13 Feb 1998 20:00:34 +0000
Cc: spki@c2.net
Organization: A.L. Digital Ltd.
References: <000801bd3886$52b9e6d0$06060606@russell> <34E48E88.3B66A158@xcert.com> <34E496FD.E534E9BC@algroup.co.uk> <34E4A164.E6DDE43E@xcert.com>
Sender: owner-spki@c2.net

Marc Branchaud wrote:
> 
> Ben Laurie wrote:
> >
> > Marc Branchaud wrote:
> > > Without some externally transmitted trust, what we have is a kind of Turing
> > > test for trust -- is it really Ed, or just an incredible simulation?  This
> > > might be an easy question to answer in a trivial context, but I think that an
> > > external trust channel would be needed in a situation of any significance.
> >
> > But isn't this the essence of trust? No-one can devise a protocol that
> > will make me trust things, can they? This "external trust channel" can
> > only exist if I trust it. And will that trust come from an "external
> > external trust channel trust channel"? I think not.
> >
> 
> What you're suggesting is a Zeno's paradox of trust -- no matter how close you
> get to trusting something, you'll only ever be haflway there.  So how does one
> come to trust anything, then?  How can we ever trust a bank to keep our money
> safely?
> 
> One answer is that we can never fully trust anything.  But banks are
> successful because at some point a depositor decides that the bank is
> trustworthy enough.  That decision is based on information from different
> sources -- the bank, the government, family, friends -- each communicating
> over a different channel.
> 
> The point of Ed's definition, I believe, is that you can trust a transaction
> with your bank's ATM because you've received enough other information over
> other channels & from other sources (e.g. you got your bank card from a bank
> representative).
> 
> The same paradigm applies to online messaging: you trust a message because
> you've received enough other information in some external way.

Or the value of the information is sufficiently low that the "balance of
trust" (as it were) swings in the right direction. But what is the
_point_ of all this? If we look at the CA-centric model of trust, then
it is the CA that must convince me, with sufficient out-of-band
information, that I should trust it. One obvious way of doing this is,
for example, being of sufficient reputation that proving to be
untrustworthy would be a Bad Thing. Like a bank, for example :-)

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

Follow-Ups:

Re: on the nature of trust

From: Marc Branchaud <marcnarc@xcert.com>

References:

Re: on the nature of trust

From: "Phillip M. Hallam-Baker" <pbaker@verisign.com>

Re: on the nature of trust

From: Marc Branchaud <marcnarc@xcert.com>

Re: on the nature of trust

From: Ben Laurie <ben@algroup.co.uk>

Re: on the nature of trust

From: Marc Branchaud <marcnarc@xcert.com>

Prev by Date: Re: on the nature of trust
Next by Date: Re: on the nature of trust
Prev by thread: Re: on the nature of trust
Next by thread: Re: on the nature of trust
Index(es):
- Main
- Thread