<sigh> nobody is interested in preventing pseudospoofing here. the people who have most maneuvered themselves into a position to aid future cyberspace are instead constraining it. that's the point, isn't it? gosh, how could I have been so blind...

I think its because we don't see pseudospoofing as a "danger" like you do. Personally, I consider it a necessity. I like being able to hide behind an anonymous identity (not that I do, mind you). I don't see pseudospoofing as "constraining". On the contrary, I see it as freeing us. As an example, look at Ender's Game, where Ender's brother and sister get on the net under pseudonyms, and get treated just like everyone else. There is no biases. People are judged on their actions and words, not by who they are, how old they are, what they look like, or anything like that. Maybe you are blind, I don't know. I've never met you.

so, Mr. Keyserver, considering that this (your?) software could be used TODAY to help build up a true identity system, why do you oppose using it in that fashion? I mean, besides that you are a Cypherpunk.

No the software isn't mine, but I consider myself it's God Father. Mike Graff (explorer@iastate.edu) and I were talking about this a long time, and he just beat me to learning enough PERL to write the thing. But I'd like to think that the two of us did most all of the design of it. So, in a way, it is my software. And, as I said, it is not the job of the Keyserver to provide any sort of policy. The job of the Keyserver is to distribute keys. Nothing more. Nothing less. The job of identifying True Names is solely a job for Digital Signatures, not a job for the Keyserver. I oppose using it in a bogus fashion because the software is not designed for such a use, there is absolutely no protection for it (any key can be added), because I, and all the other Keyserver admins, believe that all the keyservers should be interconnected, and because I feel the job for determining a True Name on a key is a job for Digital Signatures, not for the Keyserver. I am a cypherpunk. I don't believe in trusting something on faith alone, but you seem to be asking for that. There is no way to protect such a reckless use of the Keyserver. The only way to provide a secure way for True Names is to Cryptographically identify them. So, Mr. Detweiler, why do you oppose using Digital Signatures to verify True Names? I mean, besides that you consider yourself a Cypherpunk? ;-) -derek

false. There could be a network of `true identity' key servers just as easily as there is a network of PSEUDOSPOOFED LIES.

Why don't you just do the following, which would serve everyone's interests, and would be well within the spirit of the movement: 1) Encourage the existing plan to have *all* PGP keys served. 2) Provide a service (possibly for a small fee) wherein people could send you copies of their PGP key along with a notarized statement. 3) Sign those keys with your key, or a key you generate for this purpose. 4) (optionally) provide a service mapping from keys -> Real Names, for the ultra-paranoid. People who share your concerns about pseudospoofing would make you their most trusted (or only trusted) signer of keys. Presto. Those who care, can believe only those keys signed by you are real. Those who don't give a damn, believe what they want. -- ---------------- /\ Douglas Barnes cman@illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\

-----BEGIN PGP SIGNED MESSAGE-----

...

4) (optionally) provide a service mapping from keys -> Real Names, for the ultra-paranoid.

you have just classified 99.9 % of the population as `ultra paranoid'. But that .1% of the degenerates have never understood the idea of civility anyway.

You have made some contributions to the net in the past. I will try to proceed without calling names or poking fun. The fact that PGP doesn't bind True Names and keys is not important to me, nor to many others like me. I go by the code of the Old West: a man's reputation is established by what he does. Period. In our case, that equates to "an entity's reputation is established by the content of its posts." Real identity just isn't important. For example, Wonderer has established itself as a smart, literate, eager-to-learn entity. I look forward to its posts, and I don't care who owns that pseudonym. The content is important, not the source. - -Paul - -- Paul Robichaux, KD4JZG | Caution: cutting edge is sharp. Avoid contact. Intergraph Federal Systems | Be a cryptography user - ask me how. ** Of course I don't speak for Intergraph. ** -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLOeUaSA78To+806NAQGEzAP/QREwLyHRxDAOjSBg5x5FxunOJtBUg7am SCutuPEhZQ0ygRt2LAi2b6peU03ZWPw/TRRCWdlO2NqmgKcJW+nqbcdz4jt0Ocqi uzrcWcVAq0/8QniNH6avdrog5H90TN9WhRCWzrLJpaDGg6Hsc4cM/VCLsUY1xx3s mIa9l5ERYV8= =SlFR -----END PGP SIGNATURE-----

Executive summary: if you care about true people, sign their keys, or create an authority that you trust to sign them, and the keyservers will automatically take care of the rest. This is really a misunderstanding. (When people start using all uppercase letters, it usually is.) I don't like to see people I work closely with (Hi Derek!) the object of such wrath...

...

false. There could be a network of `true identity' key servers just as easily as there is a network of PSEUDOSPOOFED LIES.

Take it easy for a bit here... the key servers (by which I mean the PGP keyservers such as are run on toxicwaste.mit.edu and elsewhere) *don't provide any authentication*... all they provide is keys. If you trust a key because you got it from a key server, then you have perhaps misunderstood the concept of digital signatures -- you should be able to "validate" the key based on what's in it, not where you got it from. That said, if you or someone of similar interests wanted to provide a "true identity" key service, you'd simply have to create a key for that service, advertise it, convince people to belive that you really were doing a "true identity" service (this is the social side, not the technical side -- you can't convince them in purely electronic means any more than you can convince them you even *exist* in purely electronic means... but you can find some way of building *real world* trust that suffices...) and then start signing the keys of those you assert are "true people". And guess what -- Derek's key server, *and all the others*, would start carrying your signatures and keys. They wouldn't filter them out - it wouldn't be worth the trouble :-) and it would be against their mission which is to provide *keys* not *judgements*...

...

so, Mr. Keyserver, considering that this (your?) software could be used TODAY to help build up a true identity system, why do you oppose using

Please, sir, do not defame the people who are making your desires possible. Derek has *not* opposed letting *you* sign and publish lists of true-person keys. He's just brought up the practical point that he doesn't have time to do it (nor, perhaps, interest) as well as the technical point that keyservice has *nothing to do* with validity of keys. He's being generous and done everything you need for infrastructure -- all you have to do is identify real people and sign for them (or convince someone *you trust* to do so.) I hope this clears things up a bit. Noone is preventing this from happenning. (If I thought I could make money at it, enough to compensate for the hassle, I'd consider doing it myself... but it probably wouldn't be competitive with the RSA PCA's, as it usually takes a *lot* of money to convince me something is worth the hassle :-) _Mark_ <eichin@paycheck.cygnus.com> ... or at least I might be...

-----BEGIN PGP SIGNED MESSAGE-----

Seems to me, MR EICHIN, that many people might be FLABBERGASTED to find out that people are using PGP key servers for PSEUDOSPOOFING.

No, it seems that only *you* are flabbergasted. As has been stated numerous time, the Keyservers exist solely for distributing keys. Thats it. No more. No Less. They are not existant to police anyone. They make no policy decisions. Anyone who wants to publish a key, under any name, may do so. That has always been the policy. That will always be the policy.

why is it that the policy that ANYTHING GOES is NOT MADE CLEAR in KEYSERVER POLICY DOCUMENTS?

Why should it? As I said, anyone can add any key. The Keyserser serves keys. It doesn't, and I believe that it *shouldn't* make any verification about the keys it serves. That is the jobs of signatures. The Keyservers (by which I mean the Keyservers at pgp.mit.edu and elsewhere) *don't provide any authentication*. They never have. They never will. And I don't believe it is their purpose to do so.

I'm writing this in hopes there are still some sane people left here.

There are many sane people out here.

It's quite shocking to hear such blase arguments about identity from the people who have erected the current key server system. At the very minimum, these people should make their policies about pseudospoofing clear in policy documents -- anyone listed here could be imaginary, there are no guarantees.

I don't think that there are any arguments about identity. In fact, the only person I know who's brought up the issue of identity is yourself. The Keyservers have been erected for one, AND ONLY ONE, purpose: TO SERVE KEYS. If you can tell me which word you do not understand I will be happy to explain in excruciating detail what I mean here. The Keyservers exist so people can request the PGP key for some identity. It does not matter whether that identity owns one or one hundred keys. If you want to insure identity, sign the key!

5) I remember a P.Metzger argument with M.Graff on some mailing list about using DNS as a kind of key distribution system. The argument boiled down to the point: can *anyone* insert entries? Coincidentally, this is the critical question in a True Name vs. Toxic Waste Dump databases.

Actually, there was more to this argument than just that. The problem is not how to insert entries. Rather, the problem is how to distribute the system so that the who system knows about every key. The problem is that each key has more than one name: it has its userID's associated with it, and it has a keyID, which is inherent to the key. The problem is how to distribute the database so that lookups by keyID can be accomplished. The question was *never* about who had the ability to enter keys in the database. The question was how to implement the database on top of software that currently didn't allow for what was required. The final decision, as it stands, was that the current software was not capable of performing what was required.

6) The software already exists to have a separate network of True Names.

Absolutely correct. It is called a Digitial Signature Hierarchy (ala PEM). It can also be easily implemented in PGP as well. In fact, I was planning on doing this!

I'm sure all the Psychopunks will come up with their clever arguments to sabotage any True Name debate or database system.

I'm not trying to sabotage the debate. I'm trying to say that there are better, more effective ways of ensuring a True Identity, than creating a placebo system of keyservers. It is much more secure to create a system of signators that will digitally sign keys that belong to True Names. If you see such a signature, then you are assured that it is a True Name. If you receive mail from a keyserver, it is quite possible that the Keyserver response was intercepted and changed, or that the Keyserver itself has been altered by some evil cracker, or whatever. As has been stated a million times: The keyserver provides keys. The signatures on the keys provide authentication. If you want to authenticate something, check its signatures. If it has no signatures, it should not be trusted. If it has untrustworthy signatures, it should not be trusted. Which concept do you not understand? - -derek -----BEGIN PGP SIGNATURE----- Version: 2.3 iQBuAgUBLOnHGjh0K1zBsGrxAQGVHgLECYxXO/kDfttEY4KOyaQB9b+wLqFy2Omv 2q0CEaralDXJ2SZtJRZM4QhUWDoDvYYG23TeGZ3GTsgQxPccfWzSx+qv/qSpVfpn 9pZWBQ/RgG3zKPyV+Kd3YFk= =e6Cm -----END PGP SIGNATURE-----

"MR EICHIN"? gee, last time I saw my name written that way (all caps, no punctuation on the abbreviation) was from a direct mailing database program. I half expected to see it followed by "You may have already won" :-) Before I continue, I'd like to indicate that I find this discussion interesting, which is why I'm continuing to cc you, Mr. Detweiler; however, if you'd rather I didn't continue, please let me know. But enough of that. Please tell me, MR LD231782, if whomever you got your Internet email server from ever informed you that the email addresses might have *nothing* to do with the names they claimed to be? Malicious or otherwise? [To be fair, *my* network provider actually does have some intro documentation that explains how insecure email actually is... but they're unusual in other ways.] The point I'm trying to make is that the Keyserver is no more guilty for not mentioning it than your email provider is. Perhaps this is because they are both assuming (perhaps incorrectly) that you cannot base trust on machinery. Machinery might help propagate existing trust... but the trust must start with the people involved (and by that I mean the entities themselves, *not* the service maintainers.) In case it wasn't clear, I'm just responding to your point:

...

why is it that the policy that ANYTHING GOES is NOT MADE CLEAR in KEYSERVER POLICY DOCUMENTS? in reference to the "policy documents" of everything else on the net.

For that matter, do you care that if you saw one message in Time Magazine, you might see a similar message in an statement from Warner Cable[*], or a number of related places -- because they're all owned by the same conglomerate? Forget Medusa. Think Warner, Beatrice, TCI, and other big meta-everything companies, who only *look* like distinct "individuals" (corporations are individuals in the eyes of the law, enabled by one of the later amendments...) while in fact they're only really "tentacles" of a bigger one? [*] I attempt to use the subjunctive here to make a point, not to claim any actual behaviour of Time-Warner Inc. There are better examples of this sort of thing anyhow. Sorry I don't have any handy that are documented well enough... (Actually, doesn't the FCC already have something to say about this? something like you can do it as long as you don't own *all* of the media in an area, but several of each is ok?) There was a long discussion on another mailing list (with only a slightly higher S/N than this one, but far more politics, as the vocal membership includes employees of NSF, CIA, ANS, IBM, STD and other TLA's :-) about someone who was posting from an address in their name representing a political project from an educational site. Someone else was curious about this, and contacted the postmaster. They contacted the account owner, and had some time of figuring out what was going on... turns out it was the *reverse* of PSEUDOSPOOFING, namely, there was one account with *several* true names behind it. (It was "exposed" because they didn't "keep their stories consistent" or something like that.) Now, do you find this reverse-PSEUDOSPOOFING (I leave the upper case letters since I've never seen the world spelled without them) objectionable as well? I'm not trying to set up a semantic trap here or anything, I'm just trying to understand the bounds of the issue, and get some idea what you see as ok, and what you see as "flabbergasting." I reject the idea that just because you perceive something that "many people might" perceive it the same way... so please don't try to generalize, just let me know what *you* think. Thanks. _Mark_ <eichin@paycheck.cygnus.com> ... or at least I might be...

Perhaps this is because they are both assuming (perhaps incorrectly) that you cannot base trust on machinery. Machinery might help propagate existing trust... but the trust must start with the people involved (and by that I mean the entities themselves, *not* the service maintainers.)

that's precisely correct. but we can build mechanisms that encourage human trust, rather than encourage a criminal `free for all'. I seek to find such mechanisms. Psychopunks seek to subvert, sabotage, and destroy them. For example, I proposed an arrangement on this list whereby subscribers promise not to pseudospoof. Obviously, no one here gives a damn. I proposed that key servers be implemented that signify the authors commitment to a code of honest cyberspatial interactions by their key submissions. Obviously, no one here gives a damn. I described a *real* and *active* conspiracy in RISKS. Obviously, only the conspiracists here give a damn. Hey, braindead cypherpunks -- do you want to know why there has always been so much NOISE in this list's SIGNAL? do you want to know why people are so GROUCHY and TYRANNICAL and incapable of any substantial AGREEMENT or PROGRESS? because it is a HOTBED OF PSEUDOSPOOFING and all this hideous cacophony is your KARMA FOR ENGAGING IN OR PASSIVELY SUBMITTING TO IT.

There was a long discussion on another mailing list (with only a slightly higher S/N than this one, but far more politics, as the vocal membership includes employees of NSF, CIA, ANS, IBM, STD and other TLA's :-) about someone who was posting from an address in their name representing a political project from an educational site. Someone else was curious about this, and contacted the postmaster. They contacted the account owner, and had some time of figuring out what was going on... turns out it was the *reverse* of PSEUDOSPOOFING, namely, there was one account with *several* true names behind it. (It was "exposed" because they didn't "keep their stories consistent" or something like that.)

You're talking about Extropians? what list? name it, weasel. I still consider this pseudospoofing -- twisting identity in maliciously deceptive ways. Using identity to betray people. If there is any general identity conspiracy, I'll give you 100-1 odds the psychopunk bastards are behind it. I wouldn't be surprised if it was a psychopunk bastard behind the Gibson forgery/impersonation on that other mailing list. You guys have WET DREAMS over ALL OF THIS. perverts.

Now, do you find this reverse-PSEUDOSPOOFING (I leave the upper case letters since I've never seen the world spelled without them) objectionable as well?

Just another repulsive variation on psychopunk depravity and perversions. Honest people would be repulsed by it.

Hey, braindead cypherpunks -- do you want to know why there has always been so much NOISE in this list's SIGNAL? do you want to know why people are so GROUCHY and TYRANNICAL and incapable of any substantial AGREEMENT or PROGRESS? because it is a HOTBED OF PSEUDOSPOOFING and all this hideous cacophony is your KARMA FOR ENGAGING IN OR PASSIVELY SUBMITTING TO IT.

I believe you forgot this part: UN-altered REPRODUCTION and DISSEMINATION of this IMPORTANT Information is ENCOURAGED.