[2540] in cryptography@c2.net mail archive
Re: draft of my letter to Canada's Crypto Policy
daemon@ATHENA.MIT.EDU (Daniel R. Oelke)
Tue Apr 21 15:44:59 1998
Date: Tue, 21 Apr 1998 13:23:36 -0500
From: Dan.Oelke@aud.alcatel.com (Daniel R. Oelke)
To: cryptography@c2.net
> From cryptography-owner@c2.net Tue Apr 21 11:22:56 1998
> X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-cryptography@c2.org using -f
> X-Sender: mctaylor@glyphmetrics.ca (Unverified)
> Date: Thu, 16 Apr 1998 22:45:54 -0300
> To: Stanton McCandlish <mech@eff.org>
> I've witnessed at least one attempt to thwart the PGP web-of-trust. Since
> then I feel that CAs are not useless given the preceived high level of
> confidence in a digital signature. Yes this is a risk, but at a CA should
> be able to reduce the risks of non-repudiation digital signatures in a
> mass-market.
Yes, it can reduce the risk. Especially for those who are willing to
turn a blind eye towards petty crimes.
> How common is a fake driver's licence? It is possible to
> create or aquire one, but it is certainly not common.
Apparently you have never been in a bar near a college campus
where the drinking age is 21. Fake driver's licenses aren't just
common - but at some places the rule rather than the exception.
> I expect the same
> with a CA signed public-key certificate.
I'ld expect about the same. Most people will obey the rules
and get valid signed certificates. But many would forge them,
or get them under false pretenses, etc. A large scale
CA will have the same problems that all registration entities
have. With that many people it is pretty much impossible
to stop all deception. (See your paper for examples in the
realm of driver's license, voting, "certified" accountants, etc.)
Dan
--------------------------------------------------------------------------
Dan Oelke - droelke@aud.alcatel.com Alcatel Telecom, Richardson, TX
"So... if you like to go Bump! Bump! just jump on the hump of the
Wump of Gump." - One Fish Two Fish Red Fish Blue Fish by Dr. Seuss
