On Jul 30, 2010, at 4:58 AM, Peter Gutmann wrote:

> [0] I've never understood why this is a comedy of errors, it seems more like
>    a tragedy of errors to me.

That is because a tragedy involves someone dying. Strictly speaking, a tragedy 
involves a Great Person who is brought to their undoing and death because of 
some small fatal flaw in their otherwise sterling character.

In contrast, comedies involve no one dying, but the entertaining exploits of 
flawed people in flawed circumstances.

PKI is not a tragedy, it's comedy. No one dies in PKI. They may get embarrassed 
or lose money, but that happens in comedy. It's the basis of many timeless 

Specifically, PKI is a farce. In the same strict definition of dramatic types, 
a farce is a comedy in which small silly things are compounded on top of each 
other, over and over. The term farce itself comes from the French "to stuff" 
and is comedically like stuffing more and more feathers into a pillow until the 
thing explodes.

So farces involve ludicrous situations, buffoonery, wildly improbable / 
implausible situations, and crude characterizations of well-known comedic 
types. Farces typically also involve mistaken identity, disguises, verbal humor 
including sexual innuendo all in a fast-paced plot that doesn't let up piling 
things on top of each other until the whole thing bursts at the seams.

PKI has figured in tragedy, most notably when Polonius asked Hamlet, "What are 
you signing, milord?" and he answered, "OIDs, OIDs, OIDs," but that was 
considered comic relief. Farcical use of PKI is far more common. 

We all know the words to Gilbert's patter-song, "I Am the Very Model of a 
Certificate Authority," and Wilde's genius shows throughout "The Importance of 
Being Trusted." Lady Bracknell's snarky comment, "To lose one HSM, Mr. 
Worthing, may be regarded as a misfortune, but lose your backup smacks of 
carelessness," is pretty much the basis of the WebTrust audit practice even to 
this day.

More to the point, not only did Cyrano issue bogus short-lived certificates to 
help woo Roxane, but Mozart and Da Ponte wrote an entire farcical opera on the 
subject of abuse of issuance, "EV Fan Tutti." There are some who assert that he 
did this under the control of the Freemasons, who were then trying to gain 
control of the Austro-Hungarian authentication systems. These were each 
farcical social commentary on the identity trust policies of the day. 

Mozart touched upon this again (libretto by Bretzner this time) in "The 
Revocation of the Seraglio," but this was comic veneer over the discontent that 
the so-called Aluminum Bavariati had with the trade certifications in siding 
sales throughout the German states, as well as export control policies since 
Aluminum was an expensive strategic metal of the time. People suspected the 
Freemasons were behind it all yet again. Nonetheless, it was all farce. 

Most of us would like to forget some of the more grotesque twentieth-century 
farces, like the thirties short where Moe, Larry, and Shemp start the "Daddy-O" 
DNS registration company and CA or the "23 Skidoo" DNA-sequencing firm as a way 
out of the Great Depression. But S.J. Perleman's "Three Shares in a Boat" shows 
a real-world use of a threshold scheme. I don't think anyone said it better 
than W.C. Fields did in "Never Give a Sucker an Even Break" and "You Can't 
Cheat an Honest Man."

I think you'll have to agree that unlike history, which starts out as tragedy 
and replays itself as farce, PKI has always been farce over the centuries. It 
might actually end up as tragedy, but so far so good. I'm sure that if we look 
further, the Athenians had the same issues with it that we do today, and that 
Sophocles had his own farcical commentary.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to