At 12:39 PM 9/15/2004, Ed Gerck wrote:
> [1] Public-key cryptography gives the impression that email message security can
> be achieved quite simply. The public-key can be distributed at will, no need for
> secrecy, and anyone can receive private and secure messages. The same procedure
> being applied to each side, sender and receiver, both could immediately engage
> in private and secure communication.


there are (at least) 2-3 characteristics of various public key systems

1) the public key doesn't have to be kept confidential as part of the distribution

2) you don't need a unique key for every unique security &/or business domain

3) other parties can attest to any bindings between the public key and other characteristics

however, while the fact that public key secrecy isn't required (vis-a-vis secret keys) ... and possibly enables one or more of the mentioned characteristics, public key operation doesn't mandate all such characteristics be mandatory for the use of public keys.

PGP allows that a relying party vet a public key with the key owner and/or vet the key with one or more others (web-of-trust)

note that while public key alleviates the requirement that a key be distributed with secrecy ... it doesn't eliminate the requirement that the public key have some trust characteristic associated (i.e. secrecy will tend to include some trust, but elimination of secrecy doesn't eliminate the requirement for trust).

so an infrastructure analogy to physical mail for public key .... is that public key becomes the trusted address for the recipient. in the physical world ... to send some mail ... you need a trusted mailing address for the recipient ... you need to have acquired that address in some manner and furthermore have some trust that it is the correct address. so let's assume that some number of equivalent mechanisms exist for public keys. it so happens that the encryption of the contents with the public key and the addressing of the contents with that same public key .... has some associated trusted infrastructure that delivers the package to the correct recipient.

let's say that instead of having personal zip-codes and personal cell-phone numbers (that you take with you regardless of the service and/or physical location)... that can reach you regardless of where you happen to be in the world .... the "number" that can be guaranteed to reach you, also happens to have the characteristics of a public key.

so public key mapping to entity infrastructures take on similar characteristics as personal (physical) mailing addresses and/or personal cell-phone numbers ... and then you have trusted infrastructures (usps, telephone companies, gov. posts) that can be relied on to make the connection to the appropriate recipient .... which then approximates a public key paradigm mapping to existing physical world paradigms.


in the current physical world infrastructure, the publication &/or distribution of addresses are relatively low-cost (&/or free) operations with the infrastructures making their real money off the delivery ... as opposed to the publication.

translated to the internet paradigm .... everybody has a public key (in much the same way that everybody can have a personal cellphone number that may reach them regardless of where they are in the world). the public key is registered in something like the domain name infrastructure which then is able to figure out how to find you in the world (in a manner similar to how a personal cellphone number can find you anywhere in the world).

it isn't necessary that public key paradigms have to be the wrong model for email .... it is that the various existing economic models for making money off of public key infrastructures may be inconsistent with normal expected business operations. however, there is nothing intrinsic to public keys that mandates they are tied to existing public key infrastructure economic models.

--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/


---------------------------------------------------------------------
The Cryptography Mailing List