Senator, your public key please?

bryce at digicash.com bryce at digicash.com
Sat May 18 18:54:11 PDT 1996



-----BEGIN PGP SIGNED MESSAGE-----

 The entity calling itself Tim May <tcmay at got.net> is alleged to have
 written:
>
> Keys, key signings, and webs of trust can be used in all sorts of ways.
> 
> And I expect the "burrowcrats" will try to regulate the use.
> 
> Imagine, for example, if I use a "web of trust" to help me decide who's
> trustworthy enough to negotiate the sale of my house to.
> 
> Further imagine that I want to see keys signed by Tom Metzger, my buddy
> from the Aryan Nations. Guess what? No blacks will have their keys signed,
> and hence I'll have to tell them, "Sorry, you're just not in my web of
> trust."
> 
> (Now, this is a hypothetical, meant to show that use of a web of trust can
> trigger such decisions, and could thus trigger legal challenges.)
> 
> The web of trust may not be transitive, but the "web of taint" may be more so.
> 
> New forms of blackballing, blacklisting, redlining, etc.
> 
> And I fully expect that who signs one's keys, and whose signatures are
> found on one's keys, may become a political and legal issue in the coming
> years.
> 
> What if, for example, Sen. Leahy _did_ end up in the web of trust for Aryan
> Nation? Even if he never intended it, this could have some severe PR
> repercussions.
> 
> An exciting new world we're entering.


All of these are products of misconceptions between using the 
WoT to certify identities, versus using it to certify how much 
you trust a person to certify someone else's identify, versus 
using it to certify arbitrary other qualities about a person.


For example, there is no reason why the hypothetical racist "Tom
Metzger" would sign no black people's keys.  A key signature
(PGP style) is just an assertion about the identity of someone.
Haven't racists engraved markings on people's clothes,
buildings, land, bodies and other belongings in order to
identify the owners?  So why not do the same for keys.


This is illustrative of how much confusion reigns about keys,
certs, nyms, signatures and cetera right now.


I hope that TCMay is pointing out how _most_ people lack a 
proper understanding of the differences, rather than reflecting
his own lack of understanding.


Phil Zimmermann was confused about this, I think, when he wrote 
"Trust is not transitive.".  Some kinds of trust _are_ 
transitive (with a coefficient, of course).  Hm.  I wonder if 
there are kinds of trust whose transitivity coefficient is 1?



Regards,

Bryce

#include <stddisclaimer.h> /* I don't speak for anyone but myself. */
- -----BEGIN GOODTIMES VIRUS INNOCULATION-----
Copy me into your .sig for added protection!
- ----- END  GOODTIMES VIRUS INNOCULATION-----



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: http://www.c2.net/~bryce/ -- 'BAP' Easy-PGP v1.1b2

iQB1AwUBMZ41LkjbHy8sKZitAQHvRwL/Qakezx7VlPRahLnHx/7vuK56pLOScjeH
uxF7fX7mXRHKThcnM4fcU/nJ4I6xGNjvYi8RZpSTnhIzUUEiBrDPKE6M1lcqbynC
1H8/L50tGljPyBsJFfIvdHQ3vGKKUtwH
=iG/i
-----END PGP SIGNATURE-----






More information about the cypherpunks-legacy mailing list