[2844] in Kerberos
non-repudiation
daemon@ATHENA.MIT.EDU (Donald T. Davis)
Thu Oct 7 00:59:55 1993
From: "Donald T. Davis" <don@GZA.COM>
Date: Thu, 7 Oct 93 00:43:03 EDT
To: kerberos@MIT.EDU
Cc: don@GZA.COM, tytso@MIT.EDU
ted,
your conclusion, that alice & bob must trust a third party, is obvious,
and doesn't need your proof. your general argument seems to be that
private-key signatures are obviously undesirable because trust is required,
and because trust is fragile. as i pointed out earlier, commercial
customers do not find rsa overwhelmingly preferable to des. your arguments
that they should prefer rsa, are therefore moot. i certainly do agree
that rsa's formal properties are much to be preferred, but i note that
when legalities intrude, and when large-scale constraints kick in,
both rsa and des-based signatures face comparable complications, so that
private-key notaries are not as irrelevant as you claimed.
can we stop flaming soon? -don
