Re: Attribute-testimony example (was Re: The future will be easy to use)
From: IN%"cme@TIS.COM" "Carl Ellison" 30-NOV-1995 12:34:35.18

Once an element of that set is identified, it can be assigned a codeword (to make parsing easier).

----------

How about an email address? Or a URL? Those can be autodetected easily enough. Plus, the email one could be used to automatically use the appropriate key if reading something from a particular address (whether for decryption or for signature verification). If there is more than one with that address, try all of them and if one turns up looking right (looks like email headers, for instance) use that decryption. That last is even easier with the signature verification, and that can show up the user-specified portion of the field so as to remind you who's sent the message.

Sorry if this has been thought of (and suggested) before... it is kind of obvious.

-Allen
Date: Thu, 30 Nov 1995 13:33 EDT
From: "E. ALLEN SMITH" <EALLENSMITH@mbcl.rutgers.edu>

Once an element of that set is identified, it can be assigned a codeword (to make parsing easier).

----------

How about an email address? Or a URL?

In this case, I was talking about an abbreviation for an attribute rather than for a person -- e.g., "checking-account: <number>,<bank>" standing, for example, for "The person (entity) capable of signing with the signed-key identified above is authorized to withdraw money from checking account number <number> at <bank>." However, in offline mail I just had this interchange:
Date: Thu, 30 Nov 1995 12:47:28 -0500 (EST)
From: Jon Lasser <jlasser@rwd.goucher.edu>

Maybe it is just out of habit. But there's another aspect, not looking at other people, but looking at oneself:
"This is _my_ key."
"But my name isn't on the key."
"The key says I belong to it."
"Hey! I'm not just a number!"
I think you're exactly right here. That's the problem.
Perhaps we need to include the person's name in the keyID.
So instead of:
Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da
we could use:
Signed-Key-ID: Carl Ellison (e05c601c4ec4af3aeb54a53171ed65da)
or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison)

to follow the SMTP example, or

Signed-Key-ID: e05c601c4ec4af3aeb54a53171ed65da (Carl Ellison <cme@tis.com>)

to follow the PGP example.

In this case, the text attached to the key is optional -- but there for the people who feel attached to their names. It's left off (or replaced with a handle) for folks who want anonymity.

The fact remains that the key is the source of authority here. The name acquires validity from the key, not the other way around, and that might upset some people who bother to think about it. However, those who prefer to think the name is important can view the key hash as an added field making the name unique -- with the extra added bonus of being tied strongly to a public key.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@tis.com    http://www.clark.net/pub/cme      |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+
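
Added example, not part of either message and not code from any of the participants: a parser for the Signed-Key-ID forms proposed above that treats the key hash as the only identity and the name or address as an optional label. It also covers the earlier suggestion of selecting keys by email address, where one address may map to several keys. The function names and the second key hash are assumptions made for this illustration.

```python
import re

# 32 hex digits, the length of the key hash shown in the message.
_HASH = r"(?P<hash>[0-9a-fA-F]{32})"
_FORMS = [
    re.compile(rf"^{_HASH}$"),                       # bare hash
    re.compile(rf"^(?P<label>.+?)\s*\({_HASH}\)$"),  # Name (hash)
    re.compile(rf"^{_HASH}\s*\((?P<label>.+)\)$"),   # hash (Name [<addr>])
]
_ADDR = re.compile(r"<([^<>\s]+@[^<>\s]+)>")


def parse_signed_key_id(line):
    """Return (key_hash, name, email); name and email are None when absent."""
    field, sep, value = line.partition(":")
    if not sep or field.strip().lower() != "signed-key-id":
        raise ValueError("not a Signed-Key-ID field")
    value = value.strip()
    for form in _FORMS:
        m = form.match(value)
        if m is None:
            continue
        label = m.groupdict().get("label")
        email = None
        if label:
            addr = _ADDR.search(label)
            if addr:
                email = addr.group(1).lower()
                label = _ADDR.sub("", label).strip() or None
        return m.group("hash").lower(), label, email
    raise ValueError("no key hash found")


def same_key(a, b):
    """Two fields refer to the same key iff the hashes match; labels are ignored."""
    return parse_signed_key_id(a)[0] == parse_signed_key_id(b)[0]


def keys_for_address(fields, address):
    """All distinct key hashes labelled with this address (there may be several)."""
    found = []
    for line in fields:
        key_hash, _name, email = parse_signed_key_id(line)
        if email == address.lower() and key_hash not in found:
            found.append(key_hash)
    return found
```

A verifier built this way never trusts the label on its own: a changed name with the same hash is the same key, and the same name with a different hash is a different key.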