[cryptography] key management guidelines

James A. Donald jamesd at echeque.com
Sat Sep 4 01:27:54 EDT 2010


On 2010-09-04 1:21 PM, Ian G wrote:
> On 4/09/10 4:21 AM, travis+ml-rbcryptography at subspacefield.org wrote:
>
>> It's too bad there isn't a notion of identity seperate from keys.
>
>
> The problem with all this is there is an assumption that we can
> accurately model an identity in any form. In practice, we can't. In more
> theoretical terms, we can't even define identity, let alone design a
> single system to capture it.

Identity is a hard problem:  Zooko's triangle seems to be our best 
solution, capturing three aspects of identity.

I would propose, following Zooko, that the globally unique name is a 
hash of a rule that enables you to recognize a proof that a public key 
is valid for this identity, which string is non human readable and never 
shown in the user interface, while the nickname and petname are short 
memorable human readable strings that are not globally unique.

To bind a petname to someone-I-know, or some-capability-I-am entitled-to 
use, we use the shared short secret, username plus password, to identify 
"someone I know" and one of the many protocols for bootstrapping weak 
secrets to strong ones.

This proposal is a wholesale replacement for DNS, PKI, DNSEC, TCP, 
email, IM, and everything else. Starting over from the beginning is 
notoriously painful, no matter how dreadful the code base, and always 
results in late software and death marches, but it does seem we took a 
wrong turn way back, and there seems no incremental way from where we 
are to where we should be.




More information about the cryptography mailing list