[3151] in cryptography@c2.net mail archive
RE: We don't need a PKI to build universal strong encryption
daemon@ATHENA.MIT.EDU (Simon Spero)
Thu Aug 6 01:07:04 1998
From: "Simon Spero" <ses@tipper.oit.unc.edu>
To: "John Gilmore" <gnu@toad.com>, <cryptography@c2.net>
Date: Thu, 6 Aug 1998 00:26:57 -0400
In-Reply-To: <199808051750.KAA28487@toad.com>
> If you want to make that 100x as secure, you can have the two sides
> authenticate each other with a public key they remember from session
> to session (as SSH does). When you call Joe, your phone starts
> shrieking if Joe's suddenly got a different public key than he did the
> last time you called him.
For some reason, this just got me thinking about a possible trick that could
be used to start expanding web of trust model PKIs with low assurance, but
low end-user maintenance.
It would be relatively easy to make a security aware mailer that could
automatically inform/offer to inform a key server of the public key/id
binding when you replied to a signed message. Bindings to report could be
chosen at random, or only done for new keys.
This assertion does not offer much protection, but given enough data points,
it could be useful.
This scheme can't be used in cases where traffic analysis is a problem, but
then the Web of Trust model tends to provide pre-build contact lists anyway.
Simon
