-----BEGIN PGP SIGNED MESSAGE-----
In <t53iuw2k1u4(_dot_)fsf(_at_)rover(_dot_)cygnus(_dot_)com>, on 09/15/97
at 11:56 AM, Marc Horowitz <marc(_at_)cygnus(_dot_)com> said:
Jon Callas <jon(_at_)pgp(_dot_)com> writes:
The biggest advantage of a PGP cert has is the way that it is "agile" as
I've heard some people call it. If you want to look at how you fit PGP into
a world that thinks names are important, you can use an email address as a
DN. If you want to use PGP in a name where keys are important, use the
fingerprint (or key proper) as a DN. No biggie. In fact, one of the central
points of the way the web of trust is organized relates directly to
resolving this apparent dichotomy. The PGP software, since its earliest
days, manages this apparent dichotomy. The beauty of PGP as a PKI is that
it can easily bridge an X.509-like, name-centric world to a SPKI-like,
key-centric world.
I see one problem with this approach, and that is in looking up keys. If
we use the email address as the DN, then DNS will make an excellent
mechanism for looking up keys. Of course, email addresses have certain
problems as DN's, as Carl will point out of I don't. If we think of the
key as the DN, then we avoid those problems, but create a different one:
given a signature, how do I find the key to use to verify it? Past
solutions are to carry certs around within every message, which is
inefficient, or to have a global index, which doesn't scale.
We need to solve this problem. One option which comes to mind is to
include a "domain name" for the a pgp cert RR with the message instead of
the cert itself; this does not need to be signed, as the message
verification will fail if it is modified. Unfortunately, this has the
problem that cert domain names may change or go away, making verification
in the future difficult unless a long-term cert cache is kept near the
message.
I see some serious problems with using the DNS for key lookups &
distribution.
- -- What do we do with keys than do not have a "domain"?
- -- What do we do with sites that do not wish to manage PGP keys?
(currently the PKI is being done on a volentary basis).
- -- How do we solve the problem of redundance? ie where are the backups?
- -- How do we handle keys that cover multiple domains?
- -- What do we do about domains where PGP is illegal?? (Russia, France,
China, Cuba, ...)
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.amaranth.com/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
- ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBNB1bEo9Co1n+aLhhAQGv+gP8CsEVDjHJ/4g40xaRhJqbj0Gfq8CONR9B
czQW5UlrSy9cEZb7ltJxtzH6Sjg/QdPnktw52VBWPNvn3PsvL6+BYUUIgq5D0GRm
TWxYmALUXyymGmtWvprdNwunXgF2mOlVsXMavwOxVv50LbwVCMW5DrzPJ9hsvLFM
C/sXusZytlY=
=OsFt
-----END PGP SIGNATURE-----