[4256] in cryptography@c2.net mail archive
Re: Crypto for some of the DNS/TM mess
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Mar 3 12:41:41 1999
Date: Wed, 03 Mar 1999 17:31:12 +0000
From: Ben Laurie <ben@algroup.co.uk>
To: Anna Lysyanskaya <anna@theory.lcs.mit.edu>
Cc: froomkin@law.miami.edu, cryptography@c2.net
Anna Lysyanskaya wrote:
> So that takes care of your requirements 1) and 2). As for 3): when the
> need to establish how many domain names a user owns arises, the user can
> be asked to reveal the list of all the credentials of validity ever issued
> to him by the CA and prove that all these credentials correspond to the
> same secret key. With this list, the third party can scan the appropriate
> database and find out how many domains a user owns. The CA knows how many
> credentials of validity have been issued to a user, and so a cheating user
> will be detected. Or we may insist that the CA gives out only one
> credential of validity per user, and then anyone can determine which set
> of domains belong to the same user.
Surely this is where it all falls apart? You can insist all you like,
but how is a CA to achieve this, in practice? For example, I have at
least 3 different "identities" I have legitimate claim to (i.e. at my
home, another house I own and work) and that's without getting clever.
And please, no US-centric answers. SSNs are out (as well as not working
anyway).
> In my opinion, however, requirement 3) is unnecessarily restrictive. I
> don't see why someone should be able to identify a set of domains as
> belonging to the same user. This requirement can be an impediment to
> online commerce and other such endeavors. A reasonable way of preventing
> users from having too many domain names is: set a limit to how many
> domain names can be registered with the same credential of validity (say,
> ten) and how many credentials of validity a CA grants (say, ten). Then we
> can be sure that no user in the system will own more than a hundred domain
> names. This seems to accomplish what you want, without the need for
> someone to come in and find out specifically which domains belong the same
> user.
Same problem.
> Alternatively, if the problem is that a user with 100 domains will be able
> to vote 100 times, but it's just one user, the solution is even simpler
> than that. In that case, we may ask the CA to issue a unique voting
> credential to each user, and it is up to the user at which domain to
> publish this credential. A vote will only be accepted if it comes from a
> domain that holds a voting credential. That gets rid of the multiplicity
> problem while retaining all the advantages that anonymity brings.
Same problem again.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
