On 5/09/10 3:08 AM, Arshad Noor wrote:
Ian G wrote:
On 4/09/10 4:21 AM, travis+ml-rbcryptogra...@subspacefield.org wrote:
It's too bad there isn't a notion of identity seperate from keys.
The problem with all this is there is an assumption that we can
accurately model an identity in any form. In practice, we can't. In
more theoretical terms, we can't even define identity, let alone
design a single system to capture it.
With all due respect, I would beg to differ, gentlemen. All of you have
touched upon the answer, but did not precisely define it. Ray came very
close to it in his very interesting posting, but again, did not express
it succinctly.
Very simply: identity is a set of attributes of a transacting party,
relevant to the transaction's context.
The point being, perhaps, that we can define it, but the definition is
so far away from where OP was thinking that it is totally useless.
E.g., travis wants own identity in the PGP key. Yet your definition
calls for capturing the identity of a newspaper.
We're now talking about identifiers and OOP and capabilities and
fundamentals of data, not what humans think of their "identity".
It's a bit like defining Travis's identity as the set of actions that
erupt from movements of the collection of atoms bounded by the clothing
barrier....
OpenPGP can still do that, but it misses the point by a layer or two.
We do not have a way to capture a bundle of attributes and make them
perform as per OPs desires. x.509 insists there is no bundle, or it
insists there is only an unchanging official bundle (CN, C, etc), so its
simplifications make it intractable in practice.
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography