[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: acceptance&commitments over trust
At 04:43 PM 3/30/98 -0500, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>At 06:27 PM 3/27/98 +0100, Paul-André Pays wrote:
>>I don't need trust, I (and they) need commitments / contracts
>>and liability and this why the thread about "trust transitivity"
>>looks to me as a pure speculation and theoretical debate unrelated
>>with the requirements of most players I have to deal with.
>Very well said. Thank you for the words.
> - Carl
Dispense for the moment with the word "trust". Consider instead the term
Of course, we are interested directly with commitments, contracts and
liabilities. But any reliance on these *presumes* other fundamentals.
"With whom did I commit?" "What evidence leads me to believe so?" "How
did this evidence come into my possession?" "Through what channels?"
Much of this seems beyond the immediacy of public keys, digital signatures
and certifications. It deals more generally with the underlying structure
(or lack of structure) for managing the histories of evidence that lead us
to make decisions regarding the employment of keys and certificates.
At present, we float in a sea of data, and grasp at near-term facts that
appear on the surface to support our decision-making. We do this out of
our (human) memory and generally ignore the historical dependencies that
lead us to take as facts this data. Too much baggage to hold onto using
(human) memory, or to deal with using just our wits.
And yes, as Bob Jueneman often puts it, "so commerce is impossible" ;)
Of course we'll get by without a deeper decision-making foundation, for
a while at least. But as we delegate more and more decisions to software
automatons, we may have to codify these reliance measures with a more
comprehensive methodology. Will Ed's stuff do this for us? I don't know.
I can barely understand it. But I can't get myself to ignore it, and I
won't ignore it simply because it makes my head hurt.
Tony Bartoletti LL
SPI-NET GURU LL LL
Computer Security Technology Center LL LL LL
Lawrence Livermore National Lab LL LL LL
PO Box 808, L - 303 LL LL LLLLLLLL
Livermore, CA 94551-9900 LL LLLLLLLL
email: email@example.com phone: 510-422-3881 LLLLLLLL