[kerry at vscape.com: Re: [p2p-hackers] P2P Authentication]
R.A. Hettinga
rah at shipwright.com
Fri Oct 28 01:54:10 PDT 2005
At 9:27 PM -0700 10/27/05, cyphrpunk wrote:
>Every key has passed
>through dozens of hands before you get to see it. What are the odds
>that nobody's fucked with it in all that time? You're going to put
>that thing in your mouth? I don't think so.
So, as Carl Ellison says, get it from the source. Self-signing is fine, in
that case. "Certificates", CRLs, etc., become more and more meaningless as
the network becomes more geodesic.
>Using certificates in a P2P network is like using a condom. It's just
>common sense. Practice safe cex!
Feh. You sound like one of those newbs who used to leave the plastic wrap
on his 3.5" floppy so he wouldn't get viruses...
Cheers,
RAH
What part of "non-hierarchical" and "P2P" do you not understand?
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
More information about the cypherpunks-legacy
mailing list