[147967] in cryptography@c2.net mail archive

Re: [Cryptography] PGP Key Signing parties (Trust Link Grid)

daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Sat Nov 2 19:50:19 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <alpine.LFD.2.02.1311021623430.9024@laptop.kerry-linux.ie>
Date: Sat, 2 Nov 2013 12:28:13 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Ralf Senderek <crypto@senderek.ie>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Sat, Nov 2, 2013 at 11:30 AM, Ralf Senderek <crypto@senderek.ie> wrote:

> On 1 Nov 2013 ianG wrote:
>
>> Let me talk a bit about CAcert and perhaps other CAs as it presents an
>> illuminating counterpoint.  CAcert provides that as a network of Assurers.
>> There are thousands of them across the planet, with about a third
>> concentrated in the Germanic belt of countries.
>
> I can understand that you confront my proposal with the established
> CA-model of hierarchical key verification. But my proposal does not intend
> to provide what CAcert does.

I think that is an unhelpful way to approach the problem. Peer endorsements
and CA endorsements have different effects. Limiting the design to one or
the other is unnecessary.

We don't need to limit ourselves to one approach. A pure peer endorsement
scheme has the problem that none of the links are grounded. I can generate
a large web of trust with 10,000 users in a few hours on one PC.

A pure CA endorsement scheme has the problem that the CA has no personal
knowledge of the subject and can only attest to a process, usually limited
to checking government issued documents.


Combine the two and you can create a mechanism that has a higher work
factor for an attacker than either model on its own. And it then becomes
possible to trust keys from the other side of the world or people that you
have never met.

-- 
Website: http://hallambaker.com/
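
An added illustration of the argument in this message, not code from the post or from any PGP or CA implementation: a toy trust graph checked under a peer-only, a CA-only and a combined acceptance policy. The graph, the key names and the combined rule (a key must be CA-endorsed and reachable over signatures made by CA-endorsed keys) are assumptions made for this example.

```python
from collections import deque

def reachable(sigs, start, allowed=None):
    """Keys reachable from `start` along signer -> signee edges.
    If `allowed` is given, only keys in it count as intermediate signers."""
    seen, queue = {start}, deque([start])
    while queue:
        signer = queue.popleft()
        if allowed is not None and signer != start and signer not in allowed:
            continue  # ungrounded key: its signatures carry no weight
        for signee in sigs.get(signer, ()):
            if signee not in seen:
                seen.add(signee)
                queue.append(signee)
    return seen

def peer_only(sigs, ca, me, key):
    return key in reachable(sigs, me)

def ca_only(sigs, ca, me, key):
    return key in ca

def combined(sigs, ca, me, key):
    # Assumed policy: CA-endorsed AND reachable via CA-endorsed signers.
    return key in ca and key in reachable(sigs, me, allowed=ca)

def build_sample():
    """Constructed data: a small honest web plus two bogus keys."""
    sigs = {"me": ["alice"], "alice": ["bob"], "bob": ["carol"]}
    ca = {"me", "alice", "bob", "carol"}
    # 10,000 keys signing each other in a ring, none CA-endorsed,
    # attached to the honest web by one careless signature from bob.
    sybils = [f"sybil{i}" for i in range(10_000)]
    for a, b in zip(sybils, sybils[1:] + sybils[:1]):
        sigs.setdefault(a, []).append(b)
    sigs["bob"].append(sybils[0])
    # A key that passed the CA's document check but has no peer endorsement.
    ca.add("paper_only")
    return sigs, ca, sybils

def evaluate():
    """Return {policy: {target: accepted?}} for the constructed graph."""
    sigs, ca, sybils = build_sample()
    policies = {"peer": peer_only, "ca": ca_only, "combined": combined}
    targets = {"carol": "carol", "sybil": sybils[-1], "paper_only": "paper_only"}
    return {p: {t: f(sigs, ca, "me", k) for t, k in targets.items()}
            for p, f in policies.items()}

if __name__ == "__main__":
    for policy, result in evaluate().items():
        print(policy, result)
```

Each single-model policy accepts one of the two bogus keys; the combined policy accepts only the key that has both kinds of endorsement.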
