
-----BEGIN PGP SIGNED MESSAGE-----

TCMay probably wrote something like:
> At 8:38 PM 5/18/96, bryce@digicash.com wrote:
...(my points elided)...
> > All of these are products of misconceptions between using the WoT to certify identities, versus using it to certify how much you trust a person to certify someone else's identity, versus using it to certify arbitrary other qualities about a person.
> Bryce, we've differed several times before about the web of trust, especially "man-in-the-middle" issues. This looks to be the same sort of issue.
Indeed we have, and it verged on philosophical territory, and I would really enjoy discussing the issue again with you sometime, although perhaps we've gotten about as much as we can get out of it in e-mail. But I think that _this_ issue is a lot simpler, and a lot easier for us to agree on. To wit:
> I personally don't see key-signings as mainly useful for verifying the "true name" of someone whose key I sign. (I don't check birth certificates, passports, driver's licenses, etc.)
> Rather, I view _my_ key signings as forms of vouching, or endorsement. Not of all views, naturally, but as a statement that the person whose key I am signing is someone I know and "trust" (in the sense that the key belongs to the person I "know"). Thus, I know Eric Hughes, even though he may actually be Fritz Kacynski, drop-out math student.
Sure. For my part, _I_ personally don't see key-signings as mainly useful for verifying the "true name" of someone. Rather I view _my_ key signings as verifying that (for one reason or other), I believe the owner of the key to be the originator of the information that is published under that key (= nym). All I am saying by talking of "misconceptions between using the WoT to certify identities, versus using it to certify [...] other qualities", is that each of these different uses of key-signings are.. well.. _different_, and they shouldn't be mistaken for one another.

Unfortunately PGP 2 only allows one kind of certificate. The "key-signature". To PRZ and most other people, it is a certificate asserting a mapping between a key and a true name. To me it is as I described above. To TCMay, it is a kind of endorsement. It's just too bad that PGP 2 doesn't have different _kinds_ of certificates to represent these different assertions. Until a certificate technology like that is implemented, and probably even after that time, we need to avoid confusing these various meanings for "key-signatures".
> I believe different agents will use these belief networks in different ways. Some will be focused on the issue of True Names and will calculate beliefs on the basis of how much they think the key-signers are being diligent enough in checking identities. Others will use belief networks to convey trust that one is not a government agent (a practical example being the use of PGP and webs of trust in the jungles of Burma, where I am quite sure the "keyrings" did not deliberately include government agents, regardless of how well they "proved" their identity!)
> There is no single ontological interpretation of belief networks.
Well here we have that epistemological issue again. I believe that there is a single "proper" or "best" ontological interpretation of many or most belief networks. (At least, of the belief networks that we care about.) But skipping that issue, my point in this post is just that there should be information encoded in these belief nets/WoT's which differentiates the different kinds. Note that it is possible to differentiate between two meanings without admitting that their meanings are meaningfully ascertainable by humans...

<note: quote out of order>
> Bryce, I respect your views on this and MITM issues, but the fact that we view things differently (and that Phil Z. views things differently from you, and perhaps from me) should not always be ascribed by you as "reflecting lack of understanding."
Hey, maybe I should be more humble, or more gentle, but this is the Internet, you know? Here, I'll present a representation of my internal Bayesian belief network with explicit mention of the certainty qualifications:

"A. Since Tim and I view things differently with respect to this subject, one of us is wrong.
    A's certainty: 0.95
 B. I am right.
    B's certainty: 0.93
 C. (from A,B) Tim is wrong.
    C's certainty: (from A,B) 0.93*0.95=0.8835"

Now more seriously, the alacrity with which I bring up disagreements with Tim should in fact be construed as a measure of my _respect_ for his opinions and for his mind, rather than as a lack of respect for same.

Regards,

Bryce

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: http://www.c2.net/~bryce/ -- 'BAP' Easy-PGP v1.1b2

iQB1AwUBMaBOXEjbHy8sKZitAQGqOQMAg5PBy6raiNd2gyy35h9F5CDGxmFTprE9
Ff55OWlPlY/+LM55+Vby94QJ6Df+pNby8yLmRudGZA7OXNeFArKu11AQyd3OXm6N
mY9RobZQ+t5aawB9CMtGnsR8NvC/LJU0
=wKml
-----END PGP SIGNATURE-----