At 11:33 -0400 7/13/96, Michael Froomkin wrote:
This illustrates the need for and role of certification authorities.
See http://www.law.miami.edu/~froomkin/articles/trusted.htm for some info.
["this" being the possibility that someone would generate lots of signed public keys with your name on them] However, there's nothing to stop generation of many certificates from trusted CAs with your name on them. In fact, if you have a name like Michael Smith, and if a CA is successful, there *will be* lots of certificates with your name on them, even without anyone's trying to do anything crooked. The problem people overlook is that a CA binds a public key to a name but the name is in the CA's name space. For me, a verifier, to derive any value from a certificate binding (key,name), the name has to be in *my* name space. If there were such a thing as a global namespace meaningful to everyone, then we could both use it. That's the X.500 falacy/pipe-dream. The fact is, no global name space could be held in one human's mind, so there's no way a global name space could be meaningful to me. So, to use a certificate from a CA, I need to map a name from its name space (DN) into a name in my name space (nickname). Every time I've looked at that process, I've had to have a secure channel over which to learn from the person I call by that nickname what DN he goes by. If I have that secure channel, then he could tell me his public key fingerprint ove that cnnel -- and I wouldn't need the CA. - Carl +------------------------------------------------------------------------+ |Carl M. Ellison cme@acm.org http://www.clark.net/pub/cme | |PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2| | "Officer, officer, arrest that man! He's whistling a dirty song." | +-------------------------------------------- Jean Ellison (aka Mother) -+