At 18:31 07/07/2003 -0400, Tim Dierks wrote: ...
So, it all boils down to a system that's not dissimilar to a traditional CA-based public key system. In order for you to participate, you go to the trusted third party, they verify that you own the e-mail address you're claiming to possess (with whatever level of verification they insist upon), and if you do, they generate your secret key for you and send it to you. You can now decrypt messages which other people encrypt with that public key.
I don't think it's an interesting solution. I don't see any interesting application that's possible with this system which you couldn't do with existing public-key cryptography: for example, I could write a protocol & software where you could request a public key
...
Tim: wonderful concise summary and I couldn't agree more. Thanks for taking the time to explain so nicely why this kind of systems, while cute, are not really helping applied cryptography (IMHO).
Best regards...
Amir Herzberg http://amir.herzberg.name
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
