[13766] in cryptography@c2.net mail archive
Re: Fwd: [IP] A Simpler, More Personal Key to Protect Online
daemon@ATHENA.MIT.EDU (Amir Herzberg)
Tue Jul 8 12:49:09 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 08 Jul 2003 15:49:22 +0200
To: Tim Dierks <tim@dierks.org>, cryptography@metzdowd.com
From: Amir Herzberg <amir@herzberg.name>
In-Reply-To: <6.0.0.10.2.20030707182707.04f273d8@127.0.0.1>
At 18:31 07/07/2003 -0400, Tim Dierks wrote:
...
>So, it all boils down to a system that's not dissimilar to a traditional
>CA-based public key system. In order for you to participate, you go to the
>trusted third party, they verify that you own the e-mail address you're
>claiming to possess (with whatever level of verification they insist
>upon), and if you do, they generate your secret key for you and send it to
>you. You can now decrypt messages which other people encrypt with that
>public key.
>
>I don't think it's an interesting solution. I don't see any interesting
>application that's possible with this system which you couldn't do with
>existing public-key cryptography: for example, I could write a protocol &
>software where you could request a public key
...
Tim: wonderful concise summary and I couldn't agree more. Thanks for taking
the time to explain so nicely why this kind of systems, while cute, are not
really helping applied cryptography (IMHO).
Best regards...
Amir Herzberg
http://amir.herzberg.name
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
