Re: The future will be easy to use
At 15:30 11/28/95 -0500, Carl Ellison wrote:
BTW -- PGP currently lacks a way for me to note, when I sign a key, how it is that I trust that key (by personal meeting, by attribution, by message association, ...). A signed attribute record would let me record that information for myself as well as for others.
There is more to this problem than how it is that I trust the key. There is also what I trust it for. I just added a key to my key ring that I will use for sending confidental data to a client site. I trust that no one can access the secret key who is not also inside their firewall. However, the key is on a multi-user system, so I do not trust that it is accessable to only one person. Since the data I intend to send will be publicly available inside the firewall, I don't have to trust more than the firewall. It is hard to see how to record the information about how much I trust the receipent's systems security. Bill ----------------------------------------------------------------- Bill Frantz Periwinkle -- Computer Consulting (408)356-8506 16345 Englewood Ave. frantz@netcom.com Los Gatos, CA 95032, USA
-----BEGIN PGP SIGNED MESSAGE-----
Date: Wed, 29 Nov 1995 00:10:16 -0800 From: frantz@netcom.com (Bill Frantz)
It is hard to see how to record the information about how much I trust the receipent's systems security.
I don't see a computer-understandable way to do that either -- but you have provided an example of a human-readable way in your prior paragraph:
I just added a key to my key ring that I will use for sending confidental data to a client site. I trust that no one can access the secret key who is not also inside their firewall. However, the key is on a multi-user system, so I do not trust that it is accessable to only one person. Since the data I intend to send will be publicly available inside the firewall, I don't have to trust more than the firewall.
You could sign a small message consisting of: a) that paragraph b) the subject public key (or its good-enough hash) c) your public key (or its good-enough hash) with your key and let that attribute declaration do the job. It would only be humans who could interpret it, but in the end it's humans who need to. The computer should be able to find and use (b) and (c) -- but leave the human to interpret (a). I grant that they'd rather let the machine do the thinking for them, but that may not be possible -- especially at this time in the evolution of generally available security, before we learn patterns to codify in computer-understandable abbreviations. - Carl +--------------------------------------------------------------------------+ |Carl M. Ellison cme@tis.com http://www.clark.net/pub/cme | |Trusted Information Systems, Inc. http://www.tis.com/ | |3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2| |Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 | +--------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMLyM7FQXJENzYr45AQGErQP/QlElHIH2/tqbWtUR+hTyRUgTTEAsq18O c9XbJ3OK+HW4WOmsxBQKgqx+/C0zsboo088rkqahG2UNLbC91iizVuAlU5zZth19 F49AAfCrnqDPMyBr+3VecAnHxj09AK5GeHiLQqepHvuyh0IN3hq44zKmeHkV3PHO b8fPQ3tTJCk= =K2WN -----END PGP SIGNATURE-----
participants (2)
-
Carl Ellison -
frantz@netcom.com