On Sun, 14 Dec 2003 11:33:23 PST, Paul Hoffman / IMC said:
At 2:14 PM -0500 12/14/03, Keith Moore wrote:
I trust my boss to make statements about my job.
All of those statements, assertions, and so on can be made in simple
signed messages. When you get a message with statements about your
job, you verify that the message has been signed using your boss'
public key. What's the problem here?
Please explain how you enforce that the signed part of the message *only*
contains statements about his job, and does not make any claims that he doesn't
trust his boss to make, but does trust his landlord to make?
Note that this isn't a hypothetical. This message is signed, and it quotes you
quoting Keith. Or at least it claims to. Now what does the signature tell you
about the words that Keith is attributed with? Absolutely nothing - you get to
rely on your judgment of how careful I am with attributing quotes.
At our site, we have multiple people who are authorized to sign purchase orders.
Explain a "simple signed message" format that explains to the vendor that the
digitally signed PO from Mary Smith for desktop computers is OK, because Mary
is authorized to buy those for us, and the PO from Richard James for concrete
for construction project #11934 is OK - but Richard isn't allowed to buy desktop
computers or concrete for other projects.
pgpDgDtI8evYI.pgp
Description: PGP signature