home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!usc!sdd.hp.com!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!ucbvax!virtualnews.nyu.edu!brnstnd
- From: brnstnd@nyu.edu (D. J. Bernstein)
- Newsgroups: sci.crypt
- Subject: Re: User authentication
- Message-ID: <19253.Aug2700.31.1692@virtualnews.nyu.edu>
- Date: 27 Aug 92 00:31:16 GMT
- References: <9208261827.AA02445@news.cis.ohio-state.edu>
- Organization: IR
- Lines: 28
-
- If you never ask the question ``Who are you?'' then you will never be
- given a false answer.
-
- For *the overwhelming bulk* of human communication it has not proven
- necessary to ask the question. So it is silly to design a ``public-key
- infrastructure'' which forces people to ask the question---and suffers
- all the attendant problems of false answers.
-
- When you use a public-key system, think of your messages as being sent
- *from one key to another*. Accept that you don't know ``who'' controls
- the keys that your keys are communicating with. You'll find that you
- don't need to know.
-
- For *special cases* such as credit transfers the credit-granting
- organization can and should set up an association between what it
- considers ``real people'' and keys. And for hunting down criminals one
- certainly wants link-level security, so as to be able to trace any
- signal to its source. But there is no need for global identities, or
- even identities shared between two organizations.
-
- If you hear that IBM just did something, do you care what *real people*
- are involved in making that decision for IBM? You might, but IBM doesn't
- have to tell you, and business will go on even if you don't know. The
- only problem---the problem that public-key cryptography solves---is that
- somebody else might pretend to be IBM, the IBM you already know, without
- IBM's approval. If IBM signs its messages then this problem disappears.
-
- ---Dan (or so je m'appelle in this forum)
-
