home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!mcsun!Germany.EU.net!murignis!ap542!D012S436!frank
- From: frank@D012S436.sniap.mchp.sni.de ()
- Subject: Re: Secure netnews
- Message-ID: <1992Aug27.131849.13130@sniap.mchp.sni.de>
- Sender: news@sniap.mchp.sni.de (News Admin)
- Organization: Siemens-Nixdorf AG
- References: <1992Aug18.221506.13535@Princeton.EDU>
- Date: Thu, 27 Aug 92 13:18:49 GMT
- Lines: 40
-
- dla@raven (Don Alvarez) writes:
- : Note that any proposed solution to the above problem which claims to
- : find an answer using any of the words DES, RSA, public-key encryption,
- : or private-key encryption is a non-solution. Those are all encryption
- : techniques. The problem here has nothing to do with encryption
- : techniques. The problem here has to do with cryptographic protocols,
- : or more importantly with the lack thereof. It is a fundamentally unsolved
- : and (I believe) unsolveable problem. There is no way to propagate trust
- : across the entire network.
- :
-
- wrong. islands of trust already exist, it's a matter of
- building bridges between them.
-
- my site knows me well. Your site knows you.
-
- Therefore your site can certify (sign) your public key. Mine can
- certify mine. All that is required now is for our sites to cross
- certify each other's keys.
-
- Or we could set up a CA hierarchy. There's nothing new here. Look
- at X.509.
-
- Oh, I almost forgot. I haven't said DES, RSA, or public-key
- encryption yet. I'll say it now. RSA. Funny, but the solution
- still works.
-
- (btw, what *is* unsolveable is a secure exchange of pks on a single
- insecure channel, not the prop. of trust. Of course, pks can be exchanged
- securely using a secure channel, such as a face-to-face meeting
- where we show passports, or some other acceptable id.).
-
- : -don
-
- Frank.
- --
- Frank O'Dwyer Disclaimer:
- Siemens-Nixdorf AG I will deny everything
- Tel. : +49 (89) 636-40639 Fax. : +49 (89) 636-45860
- e-mail: Frank.ODwyer@sniap.mchp.sni.de
-
