[cap-talk] Firefox breaks the principle of identifiability
Karp, Alan H
alan.karp at hp.com
Tue Feb 8 11:49:30 EST 2005
Ben Laurie wrote:
>
> Let's say I start with actually visiting my bank, and getting the
> fingerprint of their cert. I then tediously type that into my
> machine.
> Now I can go to the bank's website, and find their trustable link to
> PayPal. So, I go to PayPal and transfer some money from my
> bank into my
> PayPal account. I want to buy something with that money, so I follow
> PayPal's trustable link to eBay. On eBay, I find Joe Sixpack
> selling the
> something, so I follow eBay's trustable link to Joe Sixpack.
> Joe Sixpack
> has a friend, Evil Bastard, and a trustable link to him on
> his website.
> Now I have a trustable link to Evil Bastard (who Joe Sixpack
> described
> as escrow.com) I give my money to Evil Bastard, who promptly
> disappears,
> as does Joe Sixpack.
>
Then I've overinterpreted the meaning of "trust" in "trustable link". A
trustable link is only saying "this link refers to the party I call X".
It's up to me to decide how much I trust X based on information from the
introducer and how much I trust the introducer. In the case of my bank
introducing me to PayPal, I'm likely to assign a reasonable degree of
trust. First of all, PayPal is widely known not to cheat people.
Second, my bank stands to lose my business if it introduces me to a
phony PayPal. I'd probably make a similar assumptions about PayPal's
introducing me to eBay, although perhaps with less assurance, since my
business relationship with PayPal isn't as strong as with my bank. I
can trust eBay's introduction of Joe Sixpack only to the extent that
eBay is willing to stand behind it. In this case, that's the limit of
the insurance eBay provides. I have no basis to rely on any
introductions provided by Joe Sixpack. Doing so is just foolish.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Alan H Karp (alan.karp at hp.com).vcf
Type: text/x-vcard
Size: 591 bytes
Desc: Alan H Karp (alan.karp at hp.com).vcf
Url : http://www.eros-os.org/pipermail/cap-talk/attachments/20050208/e55b3c9e/AlanHKarpalan.karphp.com.vcf
More information about the cap-talk
mailing list