[191] in WWW Security List Archive
Re: what are realistic threats?
daemon@ATHENA.MIT.EDU (Nick Szabo)
Thu Oct 6 00:28:21 1994
From: szabo@netcom.com (Nick Szabo)
To: dkearns{TCNET/HR/dkearns}@klaven.tci.com
Date: Wed, 5 Oct 1994 14:18:01 -0700 (PDT)
Cc: www-security@ns1.rutgers.edu, szabo@netcom.com
In-Reply-To: <7EB83434816DB8D1@klaven.tci.com> from "dkearns{TCNET/HR/dkearns}@klaven.tci.com" at Oct 5, 94 09:09:00 am
Reply-To: szabo@netcom.com (Nick Szabo)
Dave Kearns:
> But who would guarantee the statement that "No major security
> holes have been found"? Are we simply to take XYZs word
> for it?... No, but we need to 'guarantee the integrity' of the
> SIGNER.
What on earth do you mean by "guarantee of integrity"? A legal
contract promising you your money back? Legal liability?
Any old stranger claiming that he is making a "guarantee"?
Specifics, please!
> No, hierarchies allow for standards based rules for issuing
> certificates and 'guarantees'.
It's quite possible to issue certficates without any sort
of heirarchy: an example is the widely used public-key cryptography
system, PGP. And here's another place we need to be more
precise: does "heirarchy" do we mean a single-rooted tree, a directed
acyclic graph, a cyclic graph, or what? What specific constraints
are being set by the standards? My argument was against
single rooted trees.
> The important point, to me, is that there exists a path I can follow
> to establish the credentials of the Guarantor and satisfy myself
> as to the reliability of whatever it is I'm about to access.
I agree, but I'm hardly willing to follow some ill-defined "guarantee",
or trust somebody merely because he's called a "Guarantor".
I want each cryptographic step to be precisely defined, and
each claim in a certificate be specific and highly credible.
A system based on ambiguous "guarantees of integrity" wouldn't
provide anything even approaching a guarantee of integrity.
Nick Szabo szabo@netcom.com
