"ld231782@longs.lance.colostate.edu" "L. Detweiler" complains:
<sigh> nobody is interested in preventing pseudospoofing here. the people who have most maneuvered themselves into a position to aid future cyberspace are instead constraining it. that's the point, isn't it? gosh, how could I have been so blind...
Not true at all. I proposed a more secure method, signing of keys by trusted certifiers, and JMDiehl said he'd look into implementing it. Warlord said that he didn't like the idea of having a separate network of keyservers for True Names, but that keys could be certified as True Name keys. Nobody said that they opposed the idea of True Name keys. Such certifications, especially if from multiple parties, would be much more secure than a network of keyservers. Remember that these exchange keys, and if you could hack one, you could put a phony key into the loop. JMDiehl: your service would be more widely trusted, and potentially profitable, if you bought a copy of ViaCrypt PGP for legality and charged a small fee for your services. If there is money and your reputation at stake, people will assume you are going to be more careful in checking keys, and they will trust your service more. You don't want any kind of automation; you want to verify each one before signing it. Warlord: Is there any way to clean out old keys from the keyservers? How about keeping track of when a key was uploaded, and killing them after a year or so. If a person wants to keep a key active, he can mail it to the keyserver again before the year runs out. The keyservers are full of old, dead, and revoked keys, and the number will continue to grow as more people use PGP. Present keys could be killed a year from now, or whenever. Detweiler: why don't you do it? You could advance your crusade and make some money in the process. Start a service to certify keys. If a key were certified by several services, you could be pretty sure of its authenticity. Everyone: is it possible to translate RIPEM keys into PGP keys? Can the signature be kept intact? Is it possible to use Mac signer keys for encryption as well as signing? Doesn't it seem just a bit political that the Mac system has RSA for signatures and a symmetric cryptosystem, but no public-key encryption? Maybe something could be done about this, but I don't have a Mac to try it. --- MikeIngle@delphi.com
According to Mike Ingle:
JMDiehl: your service would be more widely trusted, and potentially profitable, if you bought a copy of ViaCrypt PGP for legality and charged a small fee for your services. If there is money and your reputation at stake, people will assume you are going to be more careful in checking keys, and they will trust your service more. You don't want any kind of automation; you want to verify each one before signing it.
I wouldn't want to charge for these services since that would introduce a conflict of interest, profit. I want to be trusted based on my stated policy. The suggestion of purchasing a ViaCrypt copy of pgp is valid. As for automation, it would not be all that "automatic." It would simply comprise tools to issue "Certificates" so that people can show other people to indicate that my signature on their key is trustworthy. Comments are welcome. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl@triton.unm.edu | Government forgets about the 1st! <RL> Mike.Diehl@f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. <Me> al945@cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! <Me> Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703.
You mention that you feel there is a conflict of interest if you were to charge money to sign keys. Actually, by charging money, I think you would greatly enhance the weight that people gave to your certification, and by leading out with a fee/service arrangement, you would be able to avoid the kind of overload that, say, Julf has run into with penet. If you were to get enough business, you could then just farm the whole thing out to a local notary/clerk type who would probably have more experience with identity documents, the work of other notaries, etc. Another thought: offer various levels of certification, based on the level of documentation. E.g., one level for xeroxes of id documents (you may just want to rule this out), another level for notarized copy of driver's licence, another for notarized copy of d.l. and birth certificate, etc. etc. -- ---------------- /\ Douglas Barnes cman@illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\
According to Douglas Barnes:
You mention that you feel there is a conflict of interest if you were to charge money to sign keys. Actually, by charging money, I think you would greatly enhance the weight that people gave to your certification, and by leading out with a fee/service arrangement, you would be able to avoid the kind of overload that, say, Julf has run into with penet.
These are very good points. After I get this whole thing put together, I may have an introductory special.... ;^)
If you were to get enough business, you could then just farm the whole thing out to a local notary/clerk type who would probably have more experience with identity documents, the work of other notaries, etc.
And you would be force to trust him, also...and anyone else I may farm this out to. Not this kid. ;^)
Another thought: offer various levels of certification, based on the level of documentation. E.g., one level for xeroxes of id documents (you may just want to rule this out), another level for notarized copy of driver's licence, another for notarized copy of d.l. and birth certificate, etc. etc.
I was thinking of issuing a signed certificate to the customer indicating exactly why I signed his key. This could be presented to other people who question my signature. As per my policy, which can be gotten via finger, I will sign a key iff any of the following is true: 1. I watched him generate his key. 2. I know the person by sight, and can verify his key. 3. He proves, with picture id, in person, that the public key is his. 4. He sends me a photocopy of his picture id and a signed statement containing the pgp footprint of his key. 5. His key is signed by someone whom I trust to sign keys. Note that #5 implies that the other signer has the same policy. My policy will be stated in my certificate. Comments? J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl@triton.unm.edu | Government forgets about the 1st! <RL> Mike.Diehl@f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. <Me> al945@cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! <Me> Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703.
If you were to get enough business, you could then just farm the whole thing out to a local notary/clerk type who would probably have more experience with identity documents, the work of other notaries, etc.
And you would be force to trust him, also...and anyone else I may farm this out to. Not this kid. ;^)
Actually, as nice a guy as I'm sure you are, having worked in banking for many years, I'm more inclined to trust little blue-haired old ladies for tasks requiring meticulous attention to detail, than folks who are more like me. This is just another aspect of charging; it allows you to scale/extend the service beyond the point at which it holds any charm whatsover to a creative/leading edge type individual. I don't think you'll find much resistance if you let it be known that you will eventually hire/contract with a professional to do the ID validations. It will probably *improve* rather than detract from the popularity of your service.
Another thought: offer various levels of certification, based on the level of documentation. E.g., one level for xeroxes of id documents (you may just want to rule this out), another level for notarized copy of driver's licence, another for notarized copy of d.l. and birth certificate, etc. etc.
I was thinking of issuing a signed certificate to the customer indicating exactly why I signed his key. This could be presented to other people who question my signature. As per my policy, which can be gotten via finger, I will sign a key iff any of the following is true:
1. I watched him generate his key. 2. I know the person by sight, and can verify his key. 3. He proves, with picture id, in person, that the public key is his. 4. He sends me a photocopy of his picture id and a signed statement containing the pgp footprint of his key. 5. His key is signed by someone whom I trust to sign keys.
I wouldn't bother with most of these for a large-scale public service. #1 and #2 easily reduce to #3. #5 is something you don't want to get involved with, since the whole point is to let people make their own decision about whom to trust. Instead of signing keys signed by "good signers", you're better off periodically posting lists of signers who are known by each other to follow a certain set of standards, and leave it at that. Something like this is probably more practical: 1. Driver's license is presented in person to you or qualified staff. 2. Driver's license and two other ID from list are presented in person to you or qualified staff 3. Driver's license is presented in person to registered notary public and stamped certificate sent to you. 4. Driver's license and two other ID from list are presented in person to registered notary public and stamped certificate sent to you. I would avoid accepting xeroxes altogether; too easy to forge. -- ---------------- /\ Douglas Barnes cman@illuminati.io.com / \ Chief Wizard (512) 448-8950 (d), 447-7866 (v) / () \ Illuminati Online metaverse.io.com 7777 /______\
participants (4)
-
cman%IO.COM@triton.unm.edu -
cman@IO.COM -
J. Michael Diehl -
Mike Ingle