Key Servers

Derek Atkins warlord at MIT.EDU
Sun Nov 14 21:00:17 PST 1993


> <sigh> nobody is interested in preventing pseudospoofing here. the
> people who have most maneuvered themselves into a position to aid
> future cyberspace are instead constraining it. that's the point, isn't
> it? gosh, how could I have been so blind...

I think it's because we don't see pseudospoofing as a "danger" like you
do.  Personally, I consider it a necessity.  I like being able to hide
behind an anonymous identity (not that I do, mind you).  I don't see
pseudospoofing as "constraining".  On the contrary, I see it as
freeing us.

As an example, look at Ender's Game, where Ender's brother and sister
get on the net under pseudonyms, and get treated just like everyone
else.  There are no biases.  People are judged on their actions and
words, not by who they are, how old they are, what they look like, or
anything like that.  Maybe you are blind, I don't know.  I've never
met you.

> so, Mr. Keyserver, considering that this (your?) software could be used
> TODAY to help build up a true identity system, why do you oppose using
> it in that fashion? I mean, besides that you are a Cypherpunk.

No, the software isn't mine, but I consider myself its Godfather.
Mike Graff (explorer at iastate.edu) and I were talking about this a long
time, and he just beat me to learning enough PERL to write the thing.
But I'd like to think that the two of us did most all of the design of
it.  So, in a way, it is my software.

And, as I said, it is not the job of the Keyserver to provide any sort
of policy.  The job of the Keyserver is to distribute keys.  Nothing
more.  Nothing less.  The job of identifying True Names is solely a
job for Digital Signatures, not a job for the Keyserver.  

I oppose using it in a bogus fashion because the software is not
designed for such a use, there is absolutely no protection for it (any
key can be added), because I, and all the other Keyserver admins,
believe that all the keyservers should be interconnected, and because
I feel the job for determining a True Name on a key is a job for
Digital Signatures, not for the Keyserver.  

I am a cypherpunk.  I don't believe in trusting something on faith
alone, but you seem to be asking for that.  There is no way to protect
such a reckless use of the Keyserver.  The only way to provide a
secure way for True Names is to Cryptographically identify them.

So, Mr. Detweiler, why do you oppose using Digital Signatures to
verify True Names?  I mean, besides that you consider yourself a
Cypherpunk? ;-)

-derek





