On Thu, 16 May 2002 11:11:17 -0500, you wrote: >organization. You might accept PGP keys with only email verification, >you might accept them printed out and sent by normal mail, you might >accept keys that have been signed into the global web of trust. Each >approach offers a different degree of authenticity, and carries with it >a different degree of overhead.
In fact, that's exactly what I am thinking of. The original ICANN proposal was to identify people by having them register a domain name and be listed on a WHOIS server - which was an unsecure method, costly for the user, and easily capturable by registries and registrars (though perhaps these were appreciable features for some of those who drafted that proposal). My idea for what we are doing now (which, to make it clearer for people who are not involved directly, is building an independent verified membership roll for ICANN that can later be used to have elections for user representatives in the unlikely case that ICANN will accept this, see www.icannatlarge.com) is that we should employ a wide number of different authentication methods, not necessarily PGP-based (as the target is much less technical). Surely using the official certification authorities as created by law in the US and EU and other countries would be fine, but that cannot be the only method, as certificates are costly, not yet spread enough, and we have a worldwide target (so we have to take developing countries into account too). Having members introduce other members would be nice, though there have to be strict provisions to prevent frauds. Sending scanned images of official ID documents would be fine too, if we can prevent people from using Photoshop (er... ok, gimp or ImageMagick) to fake them. Moreover, my idea is that we should decentralize this as much as possible: you lose in safety, but the system you build is much less subject to capture and single points of failure, and much less costly. So I would be quite happy to accept "Debian-certified individuals" in the membership, for example. -- .oOo.oOo.oOo.oOo vb. Vittorio Bertola <[EMAIL PROTECTED]> Ph. +39 011 23381220 Vitaminic [The Music Evolution] - Vice President for Technology DISCLAIMER, PLEASE NOTE: This communication is intended only for use by the addressee. It may contain confidential or privileged information. Transmission, distribution and/or copy cannot be permitted. Please notify immediately the sender by replying if you are not the intended recipient. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]