ietf-822

Re: Draft for signed headers

1999-03-19 08:26:41
On Fri, Mar 19, 1999 at 11:22:51AM +0000, Charles Lindsey wrote:
It is wrong to expect there is only going to be one certificate space,
and that's what it would take to be 'gateway proof',

I expect no such thing. There may or may not be a single "certificate
space" (I am not sure that the concept is even a helpful one) for a given
application (such as Usenet Control messages). 

What I mean by that is this.   Every message does indeed rely on
some key at the top of its certificate chain.  The verifier needs to have
that key, presumably in advance based on normal USENET methods.

Since the goal is for every site on the net to be able to verify, then
everybody on the net must have that key.  That means the number of such
keys must be kept very small.   That set of keys is the certificate space,
the space of keys of top level CAs.

The whole idea of certificates is you *don't* distribute them.  You don't
fetch them from servers.   USENET can't operate as I know it today
if you need to go off to remote servers to process a message.

BULLSHIT! If someone invents a public key and never distributes it for
anyone else to see, what use is it?

The whole point of certificates is you don't distribute the keys of regular
users.  You distribute only the very small number of keys of the highest
level CAs.

For this to work as a USENET verifier, you can't be having to fetch keys
from central servers on a regular basis.   I expect there to be less than
100 of these "keeper" keys as I call them -- keys of the top level CAs
and similar parties.  As such, you might manually install them, or might
arrange, if you are on the internet, to fetch one in the very rare event
you see one you don't know.

How much certificate material is contained in each message, and how much
is obtained from well-known servers (and doubtless cached locally) will
differ according to the application. In the Usenet case, I imagine most of
them would be distributed via newsgroups established for the purpose.

I would imagine the top level keys would be distributed that way, or as
control messages, and be available in other forms.

The problem is that you don't want people posting messages you can't
verify, and if you post a message, you want to be sure everybody can
verify it.

No. People who regard it as important will want to verify it.

That's not securing the net, which may be the difference of opinion here.

Securing the net only works, in the end, if you can reject messages
that are not signed.   Not just confirm messages that are signed.  That
means that, within your "space", *all* messages are signed.

That space might be "all newsgroups" or "all posts to moderated group X"
or "all control messages" or whatever.

And down the road it eventually means "all messages in groups or subnets
using authentication".

Why are you so concerned to stop people from doing things that you,
personally, don't like? Even supposing there were such a thing as "the
E-mail certificate world" (actually there will probably be several of them
:-( ) why should people on Usenet verify them if they happen to turn up?

One major goal is preventing forgery.  That means not letting people post
as me.   To do that, I need a certificate saying I am certified to own
my E-mail address.   That will be the usual certificate of the E-mail
world.   They also are useful on USENET.

But to stop forgery, it is necessary not just that I have a certificate
for my E-mail address (and that nobody else have one).  It is also necessary
that sites discard any article that claims to come from me and doesn't
have a certificate.  And in fact, it is necessary that sites discard any
article that claims to come from *anybody* and isn't signed with a
certificate.  Because otherwise people can still post from addresses
like "brad%templetons.com@uu.net" and still cause replies to come to me,
or from "brat@templetons.com (Brad Templeton)" and still have most people
off the cuff think it was me.

Now you may not have included stopping forgery among the goals for
signing messages, but I do.


And right now the rest of the certificate world is gravitating to x.509 which
is really not suitable for USENET.

I think X.509 is dying.

I wish.  I went to the RSA security conference last month and it was all the
rage.