[cap-talk] Firefox breaks the principle of identifiability

[Jed Donnelley]

At 09:16 PM 2/7/2005, Ben Laurie wrote:
>Jed Donnelley wrote:
>>At 08:29 PM 2/7/2005, Ben Laurie wrote:
>>...
>>For example, I gave the example where someone I trust could say, "If you 
>>visit the site, view
>>it's SSL certificate and find that it's MD5 Fingerprint is 
>>A9:04:4D:...:E2:31:9A  then I can trust
>>that it's "Paypal" the organization that you can place some trust in."
>>Does that answer your question?...
>
>I agree it solves the problem of confusable URLs. I can't get very excited 
>about that without a solution to the problem of how I realistically get 
>hold of things to associate petnames with. Currently, if I want to go to 
>Paypal's site, I type it in - petnames don't help me.
>...
>This would work. I don't believe it is practical.

What don't you believe is practical?  The communication of the trust 
relationship from one
entity to another (e.g. from your existing bank to Paypal) or the binding 
of the communicated
trust to a Petname?  Or something else?

It seems to me that if I have an existing trust relationship and via known 
secure communication
with that trusted entity I receive a message like:
_________________________________________________________________________
You can trust the entity at www.paypal.com with the certificate with MD5 
Fingerprint:

A9:04:4D:C2:74:5E:05:D9:28:44:E0:8C:53:E2:31:9A

to be the "Paypal" service as I describe in this document.  You may assign it
the Petname "Paypal" and trust it as described herein.
__________________________________________________________________________

The one thing I think might be missing is the binding of the Petname to the
fingerprint.  Binding it to an IP address or DNS name has known problems.
If there was a binding to a fingerprint as above (I don't know, there may be),
would that suffice?  Would you consider that 'practical'?  If not, why not?

--Jed http://www.webstart.com/jed/