-----BEGIN PGP SIGNED MESSAGE----- I have recently read many arguments here which can be summarized: "Cypherpunks technology makes impersonation easy, abuses unpunishable, and communication untrustable." This is not true. There are two major thrusts to the tech discussed on this list. a) anonymity, i.e., stripping communication of provable identity; b) authentication, i.e., demonstrable proof of identity. Impersonation based on the technology of the former, can have no more, and likely much less, credibility than without. Neither does this technology afford any additional mechanism by which a user bent on forgery can illicitly claim another's identity. The technology of the latter category (e.g., digital signatures) is, in fact, meant to be a significant obstacle to this very act. My identity is my own. An impersonation of me is an unpermitted use of my private property: identity and reputation. It is as reprehensible as any other theft, and -- at least to me -- is as deep an invasion of my privacy as rape. I'm pretty damn pleased that cryptography has provided me a weapon against it: a weapon advocated by cypherpunks; a weapon wielded frequently on this list; a weapon we are all armed with, in the bodies of PGP and PEM. With the honey, often come the bees, and vice versa. The same people who advocate a technology you fear, offer with it a solution far better than unenforceable prohibition (even if we _had_ been the ones to let the genie out of the bottle, we couldn't put it back in: dissemination of information is non-ergodic). Anonymity software adds no affordances to the already considerable array of techniques for deceiving people, simply more reliable 'track covering', and conversely, less credibility. Digital signatures, on the other hand, provide a simple, tested, workable protection. Scott Collins | "Few people realize what tremendous power there | is in one of these things." -- Willy Wonka ......................|................................................ BUSINESS. voice:408.862.0540 fax:974.6094 collins@newton.apple.com Apple Computer, Inc. 5 Infinite Loop, MS 305-2B Cupertino, CA 95014 ....................................................................... PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst@netcom.com -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLMph2CmBKTQiZpaHAQEjZQP/ef4gBVSIy9+FFHkPyth9ktIjsqQu0W7S ccY4BZGcJGOzA1QmqMKugHM1wQh8jNNtTLxmgSNcB5wUpAuGJaEFOhnKqRUGO4BB oyR8AXXQ5uUDmBQ7krYaqk6xPLWe/K4ZPzcv/AVOZocxVlUGCLPg5z5+IXkyOb/2 FCwscFEBGcs= =hAS8 -----END PGP SIGNATURE-----
Scott Collins () writes:
This is not true.
[...]
There are two major thrusts to the tech discussed on this list.
a) anonymity, i.e., stripping communication of provable identity; b) authentication, i.e., demonstrable proof of identity. [...] illicitly claim another's identity. The technology of the latter category (e.g., digital signatures) is, in fact, meant to be a significant obstacle to this very act. [...] as rape. I'm pretty damn pleased that cryptography has provided me a weapon against it: a weapon advocated by cypherpunks; a weapon wielded frequently on this list; a weapon we are all armed with, in the bodies of PGP and PEM. [...] 'track covering', and conversely, less credibility. Digital signatures, on the other hand, provide a simple, tested, workable protection.
Thank you. I've been trying to drum this into people for a while, especially Detweiler. I don't know how much more he can want, but Digital Sigs must not be acceptable because he rejected my "private password for posting" which is almost equivalent to a digital signature scheme except that the password checking is done at the distribution site, not the home site (which is preferable to some people who don't have great boxes at home) With MD5+digital sigs, a real moderated newsgroup could work without the capability of someone forging control messages. Simply have the news software reject articles which aren't signed by the moderator. The same could go for "non-spoofing" secure groups. The technology is already here, all it takes is a few mods to existing readers. There is no need for a future draconet or data super-(fcc controlled and censored)-highway. -- Ray Cromwell | Engineering is the implementation of science; -- -- EE/Math Student | politics is the implementation of faith. -- -- rjc@gnu.ai.mit.edu | - Zetetic Commentaries --
participants (2)
-
catalyst@netcom.com -
rjc@gnu.ai.mit.edu