hfinney@shell.portal.com writes:
I can see using keys with attributes in this way, for credentials or as other forms of authorization. But what about for communications privacy? What is the attribute that tells you that using this key will prevent eavesdropping?
If we exchange keys on a face-to-face basis, then I really don't see much of a MITM threat, unless somehow the MITM has perverted my original key and I for some reason can't figure that out. Now, as long as you communicate with me via the public key I've handed you, we should be as safe as PKE can make us.

If we are forced to exchange keys remotely, then perhaps some sort of "proof" techniques could be used to establish to some level of assurance that the remote entity I *think* is you is really you. Or you could provide me with a key, and then I could poll a list of references to inquire as to the "goodness" of the key. This seems to me to be subtly different than a certificate procedure, because I'm not asking about the goodness of a relationship to the key, but rather about the key itself.

Maybe I'm missing something. What is there to trust in a more "traditional" certificate scheme?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Nobody's going to listen to you if you just | Mike McNally (m5@tivoli.com) |
| stand there and flap your arms like a fish. | Tivoli Systems, Austin TX    |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~