[Previous] [Next] [Index]
[Thread]
Re: what are realistic threats?
> >It's quite possible to issue certficates without any sort
> >of heirarchy: an example is the widely used public-key
cryptography
> >system, PGP. And here's another place we need to be more
> >precise: does "heirarchy" do we mean a single-rooted tree, a
directed
> >acyclic graph, a cyclic graph, or what?
It is surely a web -- a directed graph. (Not acyclic).
The requirement is that a path of trust can be established.
For example, I might say that I trust anyone certified by the
US govermment to 2 levels of indirection, or by my friend
Joe to 3 levels, or by any of the people at the PGP signing
party at the last IETF, to 2 levels. There is a web of
trust. The people I personally trust form a directed tree
rooted at me, a subset of the web of trust.
There is no reason why contracts can't be involved -- for
example, a credit card company may provide a certificate
service for its clients and a limited guarantee that the
person is who they say they are. The terms of that guarantee
might influence whether some other body certifies them in turn --
and that is how the web of trust is built. Whether I prefer to
follow freind's recommendations or Government approved
agencies is up to me: I have choice.
(A rare comment from someone who doesn't normally have time
to follow the list --sorry--)
Tim
Follow-Ups: