Re: Who's afraid of Mallory Wolf?

[Ben Laurie]

Ed Gerck wrote:
Ben Laurie wrote:


Ed Gerck wrote:

;-) If anyone comes across a way to explain it, that does not require study,
please let me know and I'll post it.
AFAICS, what it suggests, in a very roundabout way, is that you may be
able to verify the binding between a key and some kind of DN by being
given a list of signatures attesting to that binding. This is pretty
much PGP's Web of Trust, of course. I could be wrong, I only read it
quickly.


This would still depend on what the paper calls "extrinsic references",
that are outside the dialogue and create opportunity for faults (intentional
or otherwise). The resulting problems for PGP are summarized in
www.mcg.org.br/cert.htm#1.2.
It seems to me that the difference between PGP's WoT and what you are 
suggesting is that the entity which is attempting to prove the linkage 
between their DN and a private key is that they get to choose which 
signatures the relying party should refer to.

Am I wrong?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]