Very funny, Polyanna :-( [namespace pollution]
bill.stewart@pleasantonca.ncr.com +1-510-484-6204
wcs at anchor.ho.att.com
Wed Mar 30 17:56:35 PST 1994
> >gateways, and suddenly people using auto-encrypting mail programs
> >find that no-one can read their posts.
>
> Presence on a keyring means that a key exists, not that the owner of a
> key has a policy that it should always be used, or that it should be
> used by everybody. Both PGP and PEM get this completely wrong. Not
> every key will be used for every purpose. Mere existence of a key
> should not indicate permission to encrypt with it.
PGP lets you choose which key to use when you care, and
doesn't care what's in the Name field; if you want to implement behavior
inside of that it will handle it transparently; e.g.
"Digicash: Eric Hughes <hughes at accounts.cayman.digibank.com>"
(though it would be nice if it had more Unix-like regexp code for
selecting keys).
> No current cryptosystem has a way of specifying policy in a public key
> distribution system. I want separate keys for separate machines,
Policy isn't really the cryptosystem's job; it's the application's.
> >Whatever solution we can find will have to involve active support
> >from the keyservers I suspect.
> The key servers are just serving data. To add policy criteria to the
> key servers is to extend their functionality beyond their original
> intent.
The intent of keyservers is to have a convenient mechanism for finding
keys when you want them. Having specific keyservers keep track of
specific bunches of keys is a reasonable use of that convenience.
Maybe a bankers' association would run a keyserver to serve keys
for banks and (if appropriate) for customers, with the location
known by most of the common software, and maybe a remailer
operators' group would do the same for their remailer cooperative.
There are a lot of wys to use mechanisms...
Bill Stewart
More information about the cypherpunks-legacy
mailing list