[cap-talk] Delegating Responsibility in Digital Systems: Horton's "Who Done It?"

Toby Murray toby.murray at comlab.ox.ac.uk
Fri Jun 8 12:12:11 EDT 2007


On Fri, 2007-06-08 at 08:44 -0700, Jed Donnelley wrote:
> At 12:51 AM 6/8/2007, Toby Murray wrote:
> >On Fri, 2007-06-08 at 00:52 +0000, Karp, Alan H wrote:
> > > > Scribit Karp, Alan H dies 07/06/2007 hora 15:47:
> > > > > Each request from a different responsible party comes through a
> > > > > different forwarder under Carol's control.  That provides Carol
> > > > > undeniable authentication.  However, Carol can't prove that to
> > > > > anyone else because the forwarder is under her control.  For
> > > > > example, she could have sent the request herself.
> > > >
> > > > So if I understand this correctly, for the authentication to be
> > > > undeniable to other subjects than Carol, the forwarder must be
> > > > under the control of a third party trusted by those subjects, and
> > > > not under Carol's control, mustn't it?
> > >
> > > Or signed by the sender.
> >
> >Using a key that everyone can authenticate, which may require a TTP
> >anyway to authenticate the key.
> 
> It's important that it doesn't require a trusted third party.
> What do you mean by "authenticate the key"?  Are you referring
> to the business of developing a relationship with the key (e.g.
> web of trust, organizational database - e.g. LDAP), or is there
> something more to your "authenticate the key" requirement?

Yes, I mean something like that. If I receive a message signed by a
particular key and I want to prove to you that it came from X, both of
us need to have a relationship with the private key used to sign the
message.

> Using the public/private key model, if Carol can produce a message
> signed by the private key, then the 'proof' of the responsibility
> of the identity is as good as the cryptography.  The meaning/relevance
> of the identity (who the heck is this "Bob") I see as a separate issue.

Fair enough.
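
An added example, not part of the original message or thread: it contrasts evidence from a forwarder Carol controls with a request signed by the sender, and shows why the verifier needs its own relationship with the signing key. Assumptions: the forwarder is modelled as a MAC under a secret Carol created, a Lamport one-time signature (standard library only) stands in for "signed by the sender" since the thread names no scheme, and the request strings and all function names are constructed for illustration.

```python
import hashlib, hmac, secrets

def H(b):
    return hashlib.sha256(b).digest()

def msg_bits(msg):
    d = H(msg)  # the 256-bit digest is signed, one bit per key pair
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    # Lamport one-time key: 256 pairs of random secrets; public key = their hashes
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(msg_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, msg_bits(msg))))

def forwarder_tag(key, request):
    # Assumption: the forwarder is modelled as a MAC under a secret Carol created
    return hmac.new(key, request, hashlib.sha256).digest()

def third_party_check(key, request, tag):
    return hmac.compare_digest(tag, forwarder_tag(key, request))

def demo():
    real, fake = b"Bob: delete file 7", b"Bob: delete file 9"  # constructed requests
    # 1. Forwarder under Carol's control: she holds its secret, so evidence she
    #    makes herself for a request Bob never sent passes the same check.
    k_bob = secrets.token_bytes(32)
    carol_can_fabricate = third_party_check(k_bob, fake, forwarder_tag(k_bob, fake))
    # 2. Signed by the sender: Carol holds only Bob's public key and one signature.
    bob_sk, bob_pk = keygen()
    sig = sign(bob_sk, real)
    genuine_ok = verify(bob_pk, real, sig)
    reused_sig_ok = verify(bob_pk, fake, sig)  # signature is bound to the request
    # 3. Unauthenticated key: if the verifier accepts whichever key Carol presents
    #    as "Bob's", Carol signs the fake request with a key pair of her own.
    carol_sk, carol_pk = keygen()
    unauthenticated_key_ok = verify(carol_pk, fake, sign(carol_sk, fake))
    return carol_can_fabricate, genuine_ok, reused_sig_ok, unauthenticated_key_ok

if __name__ == "__main__":
    print(demo())
```

A Lamport key must sign only one message; a deployment would use a standard multi-use signature scheme instead.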


