AW: (Fwd) Binding cryptography - much work, little point ?

Eric Verheul everheul at NGI.NL
Wed Oct 16 08:21:11 PDT 1996


>peter.allan at aeat.co.uk (Peter M Allan) wrote:
>[skip]
>I suspect the scheme is incomplete anyway.  After skimming the web page I
>see that the aim is to show the same session key has been encrypted under
>different ElGamal pubkeys.  Now who's to say those pubkeys belong to anyone ?
>Or is this what is meant by "such as Margaret's identity" ?  You'd list the
>ids of the TRPs and also prove that the pubkeys used were theirs ....  ?
>
One can imagine that included in the certified key of a TRP is a statement
like "PKI-ROLE = Trusted Retrieval Party". As it is certified by a higher order (e.g. a root of the PKI) it can be verified. 

Eric







More information about the cypherpunks-legacy mailing list