ietf-openpgp

Brands' book - quick review

1999-10-06 10:30:38

--- begin forwarded text


Date: Wed, 6 Oct 1999 08:07:19 -0400 (AST)
From: Ian Grigg <iang(_at_)systemics(_dot_)com>
To: dbs(_at_)philodox(_dot_)com
Subject: Brands' book - quick review
Reply-To: iang(_at_)systemics(_dot_)com
Sender: <dbs(_at_)philodox(_dot_)com>
List-Subscribe: <mailto:dbs-on(_at_)philodox(_dot_)com>

Whilst on the topic of enhanced digital certificates, Stefan
Brands' book,

     _Rethinking Public Key Infrastructures
     and Digital Certificates - Building in Privacy_,
     4th September, 1999,

is now in its first printing, published by Brands himself.
The contents are at http://www.xs4all.nl/~brands .

I've spent some time on the first chapter, and it represents a
useful survey of the pitfalls of PKI in the Verisign flavour.
I wouldn't say it is a comprehensive catalogue of the failings,
as it avoids the legal side such as JKW's attack, and doesn't go
so much into the efficiency attack of Dan Geer.  Regardless, it
appears to be a definitive starting place for any investigation
into this area as it covers the revocation debate, smart cards,
and privacy very well.

The book's main contents are way beyond me, as they contain
maths of cryptographic nature.  But, in private conversations
I've had with Brands, I'm of the understanding that his book
goes way beyond the techniques of Chaum.  I await with interest
to see if this claim is awarded by history.

Brands is highly critical of Chaumian certificates, which may
or may not indicate that he has a better scheme :)  For example,
whilst his list of cons for nymous certificates runs to 6 bullets,
the Chaumian proponents get hit with 12 bullets.  CAs in the
current sense don't really measure up, they appear to be so full
of lead that there's no counting.

All in all, I predict this will become required reading by
cryptoplumbers and cryptographers in the Financial Cryptography
community.  Be quick in getting your copy, as I hear two thirds
of the first printing are already sold.

iang

--- end forwarded text


-----------------
Robert A. Hettinga <mailto: rah(_at_)ibuc(_dot_)com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
