[cryptography] key management guidelines
James A. Donald
jamesd at echeque.com
Sat Sep 4 01:27:54 EDT 2010
On 2010-09-04 1:21 PM, Ian G wrote:
> On 4/09/10 4:21 AM, travis+ml-rbcryptography at subspacefield.org wrote:
> >> It's too bad there isn't a notion of identity separate from keys.
> The problem with all this is there is an assumption that we can
> accurately model an identity in any form. In practice, we can't. In more
> theoretical terms, we can't even define identity, let alone design a
> single system to capture it.
Identity is a hard problem: Zooko's triangle seems to be our best
solution, capturing three aspects of identity.
I would propose, following Zooko, that the globally unique name is a
hash of a rule that enables you to recognize a proof that a public key
is valid for this identity, which string is non human readable and never
shown in the user interface, while the nickname and petname are short
memorable human readable strings that are not globally unique.
To bind a petname to someone-I-know, or some-capability-I-am-entitled-to-use,
we use the shared short secret, username plus password, to identify
"someone I know" and one of the many protocols for bootstrapping weak
secrets to strong ones.
This proposal is a wholesale replacement for DNS, PKI, DNSSEC, TCP,
email, IM, and everything else. Starting over from the beginning is
notoriously painful, no matter how dreadful the code base, and always
results in late software and death marches, but it does seem we took a
wrong turn way back, and there seems no incremental way from where we
are to where we should be.
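
A minimal sketch of the naming scheme proposed in the message above, added here as an illustration; it is not code from the post or from any project. It assumes one possible rule format (a Merkle root over the identity's valid public keys, so the proof is a Merkle path); the JSON encoding, function names, petname table and key bytes are all constructed for the example.

```python
import hashlib
import json

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def global_name(rule: dict) -> str:
    """Globally unique name: hash of the canonical rule. Never shown in the UI."""
    return h(json.dumps(rule, sort_keys=True, separators=(",", ":")).encode()).hex()

def merkle(leaves, index):
    """Return (root, proof path for leaves[index]); leaf count must be a power of two."""
    if len(leaves) & (len(leaves) - 1) or not leaves:
        raise ValueError("leaf count must be a power of two")
    level, path = [h(b"\x00" + leaf) for leaf in leaves], []
    while len(level) > 1:
        path.append((level[index ^ 1], index & 1 == 1))  # (sibling, sibling is on the left)
        level = [h(b"\x01" + level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], path

def key_is_valid(name: str, rule: dict, pubkey: bytes, path) -> bool:
    """Accept pubkey for `name` only if the rule hashes to the name and the proof satisfies it."""
    if global_name(rule) != name:  # presented rule is not the one the name commits to
        return False
    node = h(b"\x00" + pubkey)
    for sibling, sibling_is_left in path:
        node = h(b"\x01" + (sibling + node if sibling_is_left else node + sibling))
    return node == bytes.fromhex(rule["root"])

def petname_key_ok(petnames: dict, petname: str, rule: dict, pubkey: bytes, path) -> bool:
    """Resolve a local, non-unique petname to its global name, then check the key."""
    name = petnames.get(petname)
    return name is not None and key_is_valid(name, rule, pubkey, path)

# Constructed sample data: opaque byte strings standing in for public keys.
KEYS = [b"constructed-pubkey-%d" % i for i in range(4)]
ROOT, PATH = merkle(KEYS, 2)
RULE = {"type": "merkle-root", "root": ROOT.hex()}  # hypothetical rule format
NAME = global_name(RULE)
PETNAMES = {"alice": NAME}  # this user's private petname table

if __name__ == "__main__":
    print("global name:", NAME)
    print("alice, listed key:  ", petname_key_ok(PETNAMES, "alice", RULE, KEYS[2], PATH))
    print("alice, unlisted key:", petname_key_ok(PETNAMES, "alice", RULE, b"other-key", PATH))
```
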