Re: [Cryptography] Petnames & Zooko's triangle -- theory v. practice (was Email and IM are...)

2013-08-28 Thread James A. Donald

On 2013-08-28 7:33 PM, ianG wrote:

On 28/08/13 02:44 AM, radi...@gmail.com wrote:
Zooko's triangle, pet names...we have cracked the THEORY of secure 
naming, just not the big obstacle of key exchange.



Perhaps in a sense of that, I can confirm that we may have an elegant 
theory but practice still eludes us.  I'm working with a design that 
was based on pure petnames & ZT, and it does not deliver as yet.


One part of the problem is that there are too many things demanding 
names, which leads to addressbook explosion.  I have many payment 
vehicles, many instruments, and in a fuller system, many identities. 
Each demanding at least one petname.


And so do my many counterparties.  A second part of the problem is 
that petnames are those I give myself to some thing, but in some 
definitional sense, I never export my petnames (which is from which 
they derive their security).  Meanwhile, the owner of another thing 
also has a name for it which she prefers to communicate about, so it 
transpires that there is a clash between her petname and my petname.  
To resolve this I am exploring the use of nicknames, which are 
owner-distributed names, in contrast to petnames which are private names.


Which of course challenges the user even more as she now has two 
namespaces of subtle distinction to manage.  Kerckhoffs rolls six 
times in his grave.


Then rises the notion of secured nicknames, as, if Alice can label her 
favourite payment receptacle "Alice's shop" then so can Mallory.  Doh! 
Introduction can resolve that in theory, but in practice we're right 
back to the world of identity trickery and phishing.  So we need a way 
to securely accept nicknames, deal with clashes, and then preserve 
that security context for the time when someone wishes to pay the real 
Alice.  Otherwise we're back to that pre-security world known as 
secure browsing.


Then, map the privacy question over the above mesh, and we're in a 
traffic analyst's wetdream.  One minor advantage here is that, 
presswise, we only need to do a little better than Bitcoin, which is 
no high barrier ;)


In sum, I think ZT has inspired us.  It asks wonderfully elegant 
questions, and provides a model to think about the issues. Petnames 
and related things like capabilities answer a portion of those 
questions, but many remain.  Implementation challenges!




Because email addresses and urls are already for the most part non human 
memorable, we already have implementations of Zooko's triangle which 
seem to work fine for the ordinary end user.


The old petname tool, (which has now probably succumbed to bitrot) used 
the browser's bookmark list to store public key data, thus was an 
implementation of Zooko's triangle, that piggy backed on the browser's 
implementation of Zooko's triangle for non human memorable urls.  It 
worked fine for me.


My petnames are still on the browser bar, providing easy access to my 
bank and stuff, though no longer providing security.

___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


Re: [Cryptography] Petnames & Zooko's triangle -- theory v. practice (was Email and IM are...)

2013-08-28 Thread Steve Furlong
On Wed, Aug 28, 2013 at 5:33 AM, ianG  wrote:
> Yes.  I was never scared of the NSA.  But the NSA and the FBI and the DEA
> and every local police force ... that's terrifying.  That's a purer
essence of
> terror, far worse than terrorism.  We need a new word.
It's a boot stamping on a human face, forever.
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography