[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: on the nature of trust
Ben Laurie wrote:
>
> Marc Branchaud wrote:
> >
> > Ben Laurie wrote:
> > >
> > > Marc Branchaud wrote:
> > > > Without some externally transmitted trust, what we have is a kind of Turing
> > > > test for trust -- is it really Ed, or just an incredible simulation? This
> > > > might be an easy question to answer in a trivial context, but I think that an
> > > > external trust channel would be needed in a situation of any significance.
> > >
> > > But isn't this the essence of trust? No-one can devise a protocol that
> > > will make me trust things, can they? This "external trust channel" can
> > > only exist if I trust it. And will that trust come from an "external
> > > external trust channel trust channel"? I think not.
> > >
[ ... ]
> > The same paradigm applies to online messaging: you trust a message because
> > you've received enough other information in some external way.
>
> Or the value of the information is sufficiently low that the "balance of
> trust" (as it were) swings in the right direction. But what is the
> _point_ of all this? If we look at the CA-centric model of trust, then
> it is the CA that must convince me, with sufficient out-of-band
> information, that I should trust it. One obvious way of doing this is,
> for example, being of sufficient reputation that proving to be
> untrustworthy would be a Bad Thing. Like a bank, for example :-)
>
I agree with all of that. The point I was trying to make is that some kind of
external-to-the-transaction trust channel is required. I think what our
discussion has revealed is that several quanta of trust from many different
sources & channels are probably needed.
I believe SPKI is a pretty good way of conveying that kind of trust with as
little out-of-band communication as possible. With everyone issuing SPKI
certs for all sorts of stuff, people can gather enough evidence to satisfy
themselves that something is trustworthy.
Marc
+------------------------------------------------------------------------+
Marc Branchaud \/
Chief PKI Architect /\CERT SOFTWARE INC.
marcnarc@xcert.com PKI References page: www.xcert.com
604-640-6210x227 www.xcert.com/~marcnarc/PKI/
+------------------------------------------------------------------------+
Follow-Ups:
References: