On 2013-08-28 7:33 PM, ianG wrote:
On 28/08/13 02:44 AM, radi...@gmail.com wrote:
Zooko's triangle, pet names...we have cracked the THEORY of secure
naming, just not the big obstacle of key exchange.
Perhaps in a sense of that, I can confirm that we may have an elegant
theory but practice still eludes us. I'm working with a design that
was based on pure petnames & ZT, and it does not deliver as yet.
One part of the problem is that there are too many things demanding
names, which leads to addressbook explosion. I have many payment
vehicles, many instruments, and in a fuller system, many identities.
Each demanding at least one petname.
And so do my many counterparties. A second part of the problem is
that petnames are those I give myself to some thing, but in some
definitional sense, I never export my petnames (which is from which
they derive their security). Meanwhile, the owner of another thing
also has a name for it which she prefers to communicate about, so it
transpires that there is a clash between her petname and my petname.
To resolve this I am exploring the use of nicknames, which are
owner-distributed names, in contrast to petnames which are private names.
Which of course challenges the user even more as she now has two
namespaces of subtle distinction to manage. Kerckhoffs rolls six
times in his grave.
Then rises the notion of secured nicknames, as, if Alice can label her
favourite payment receptacle "Alice's shop" then so can Mallory. Doh!
Introduction can resolve that in theory, but in practice we're right
back to the world of identity trickery and phishing. So we need a way
to securely accept nicknames, deal with clashes, and then preserve
that security context for the time when someone wishes to pay the real
Alice. Otherwise we're back to that pre-security world known as
secure browsing.
Then, map the privacy question over the above mesh, and we're in a
traffic analyst's wetdream. One minor advantage here is that,
presswise, we only need to do a little better than Bitcoin, which is
no high barrier ;)
In sum, I think ZT has inspired us. It asks wonderfully elegant
questions, and provides a model to think about the issues. Petnames
and related things like capabilities answer a portion of those
questions, but many remain. Implementation challenges!
Because email addresses and urls are already for the most part non human
memorable, we already have implementations of Zooko's triangle which
seem to work fine for the ordinary end user.
The old petname tool, (which has now probably succumbed to bitrot) used
the browser's bookmark list to store public key data, thus was an
implementation of Zooko's triangle, that piggy backed on the browser's
implementation of Zooko's triangle for non human memorable urls. It
worked fine for me.
My petnames are still on the browser bar, providing easy access to my
bank and stuff, though no longer providing security.
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography