On 9/20/13 at 11:59 AM, hal...@gmail.com (Phillip Hallam-Baker) wrote:

As someone who has seen the documents said to me this week, given a choice
between A and B, the NSA does both. We have to do the same. Rather than
have a pointless argument about whether Web 'o Trust or PKIX is the way to
go, let everyone do both. Let people get a certificate from a CA and then
get it endorsed by their peers: belt and braces.

This approach certainly meets my requirements. As a UI designer/user I want it to JFW (Just ... Work) invisibly under the covers. As a borderline paranoid, I want an indicator of which methods passed. :-)

Let's add to the list of methods the SSH method of, "The same key used the last time".

I assume users of the CA method would register with the CA in some manner which would probably cost money. (How the CA separates me from Bill Frantz, the professional photographer in Illinois, is not going to be cheap.) I understand there is still a trademark dispute between the US beer Budweiser and the German beer of the same name.

In the WoT case, having your key fingerprint written on a QR code is a neat hack. Put it on the back of your business card[1].

I think CAs will be most useful for businesses while WoT will be most useful for individuals. Everyone will be more comfortable when the SSH test passes.

Cheers - Bill

[1] Back in days of yore, I needed to send some company private data to my home computer. I didn't have the fingerprint of my key at work, but I did have Carl Ellison's business card with the fingerprint of his key. He had signed my key which was available on a key server, so I had good enough reason to trust that the key was actually mine.

-----------------------------------------------------------------------
Bill Frantz        | Since the IBM Selectric, keyboards have gotten
408-356-8506       | steadily worse. Now we have touchscreen keyboards.
www.pwpconsult.com | Can we make something even worse?

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
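
Added example, not part of the original message or of any project discussed in the thread: a sketch of "do both" plus the SSH-style "same key as last time" check, reporting a separate verdict per method so a client can show which ones passed. The class and function names, the SHA-256 fingerprint format, and the sample keys and identities are assumptions; signature verification is assumed to have been done by the caller.

```python
import hashlib

def fingerprint(key_bytes):
    """Hex SHA-256 of a public key blob (fingerprint format is an assumption)."""
    return hashlib.sha256(key_bytes).hexdigest()

class KeyChecker:
    """Runs every method and reports each verdict separately."""

    def __init__(self, trusted_cas, known_peers):
        self.trusted_cas = set(trusted_cas)  # CA names this client accepts
        self.known_peers = set(known_peers)  # peer fingerprints obtained out of band
        self.pins = {}                       # identity -> fingerprint seen last time

    def check(self, identity, key_bytes, ca_issuer=None, endorsers=()):
        # Assumption: ca_issuer and endorsers were extracted from signatures
        # the caller has already verified; this code only applies trust policy.
        fp = fingerprint(key_bytes)
        verdict = {"ca": "n/a", "wot": "n/a"}
        if ca_issuer is not None:
            verdict["ca"] = "pass" if ca_issuer in self.trusted_cas else "fail"
        if endorsers:
            known = self.known_peers.intersection(endorsers)
            verdict["wot"] = "pass" if known else "fail"
        pinned = self.pins.get(identity)
        if pinned is None:
            self.pins[identity] = fp          # first contact: remember the key
            verdict["same_key"] = "first-use"
        elif pinned == fp:
            verdict["same_key"] = "pass"
        else:
            verdict["same_key"] = "fail"      # keep the old pin; never overwrite silently
        return verdict

def demo():
    # Constructed sample data: key blobs, CA name and identity are placeholders.
    peer_fp = fingerprint(b"constructed-key-peer")  # e.g. read off a business card
    checker = KeyChecker(trusted_cas={"Example CA"}, known_peers={peer_fp})
    who = "user@example.org"
    return [
        checker.check(who, b"constructed-key-user", endorsers=[peer_fp]),
        checker.check(who, b"constructed-key-user", ca_issuer="Example CA"),
        checker.check(who, b"constructed-key-other", ca_issuer="Example CA"),
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The third call shows why the per-method indicator matters: the CA check still passes for a changed key, and only the same-key check flags it.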
