ietf

RE: Global PKI on DNS?

2002-06-25 12:30:22
Of course!    Hi Mike;-)...

Trust is multi-faceted.
Trust in the dollar bill is independent of trust in the source.
Except when they are nice new crisp bills, when it is preferred
to get them directly from a trusted bank or other reputable business,
rather than from a street peddler. Or get them as a Birthday present from a trusted relative.

If the dollar is a poor enough counterfeit it is easily detected as such, but if it is a perfect fake, it will never be detected by anyone until it is retired, if then, and no one will be harmed except the Govt when it redeems it, where it will just be a round-off error;-)...

So, we all manage to avoid significant losses with dollar bills,
because we trust some or all that I said above to be true.

That is quite a lot of multi-channelled qualified information!
It collectively includes long histories of many people dealing with dollar bills;-)... And, little experience with fraudulent dollar bills.

Who is to say (and prove) that they have absolutely never received and passed along a counterfeit dollar bill?

So, among other things, the dollar bill scenario has little or nothing to do with the discussion of trust tools and systems in the internet environment, except to notice the multi-channel nature of our trust in dollar bills.

I note also that there are no shared secrets, or crypto keys involved in the general public trust of dollar bills.

Cheers...\Stef


At 8:39 AM -0700 6/25/02, Mike Burns wrote:
There appear to be two main points of contention about PKI on DNS. Using the dollar analogy:

1. Uniqueness
        How does Jon know that the dollar Jon received from Mike is a dollar?
A dollar has specifications that tell you it's a dollar (type of paper, ink, micro printing, etc)

Each dollar has a unique serial number. If you find two dollars with the same serial number, then you know that one of them is not a real dollar. The key is in the storage of that information. There must be a place(s) (Federal Reserve) where there is a record of who the dollar was issued to.

2. Ownership
        How does Jon know that the dollar he received from Mike was Mike's?

        Uniqueness by itself does not imply ownership.




 >From: Einar Stefferud [mailto:stef(_at_)nma(_dot_)com]
 >Sent: Tuesday, June 18, 2002 7:45 PM
 >To: ietf
 >Subject: Re: Global PKI on DNS?
 >
 >None of this, whether the dollar was stolen or not, has any impact on
 >the trustworthiness of the original dollar, as it is a bearer note,
 >and a dollar stolen is a dollar earned in some quarters.
 >
 >Just like car manufacturers consider a car stolen to be a car sold,
 >unless it was stolen from the manufacturer.
 >
 >We trust the intrinsic appearance of the dollar bill.
 >
 >Or the pink slip for car ownership, but do not trust the car without
 >its pink slip.
 >
 >Now, if I give you a check, and you give my check, made out to you,
 >endorsed to someone else, the recipient, if she accepts it, is relying
 >on the transitivity of trust, whether such reliance is reliably
 >transitive or not.  Most people in the US will not accept such
 >checks, but in some countries, such checks circulate for a long time
 >and some are never cashed.
 >
 >The real underlying issue here is reliance, and as Ed has pointed
 >out, reliance depends on more than the bearer saying "Trust Me!"
 >which is a single channel of communication.  In the case of a dollar,
 >it depends on the perceived ability to find a greater fool to accept
 >it at face value,
 >as in the act of buying or selling common stock shares.
 >
 >This is why "Trust Me!" is generally considered a joke and why most
 >people laugh at it, whether they understand the formal logic of the
 >humor or not.
 >
 >But it is clear that trust is not some simple property of objects!
 >It is much more complex and depends on subjective evaluations of its
 >value, generally incorporating many bits of information from
 >multiple channels.
 >
 >Cheers...\Stef
 >


