[cryptography] fyi: Sovereign Keys: an EFF proposal for more secure TLS authentication

Adam Back adam at cypherspace.org
Sun Nov 27 08:38:10 EST 2011

Yes, its the way I would've done it.  Actually coincidentally I already did
propose doing it exactly that way in around 1999:


(That was about censor resistant DNS->ip mapping with public auditability. 
And that might still be something to think about with the current us
governments habit of seizing domains without legal due process.  Anyway the
same technique should work for public keys ... map a name to its IP address
and the hash of its public key, or its public key.  

My view is that these mappings are global and even with legal due process,
you dont want a local legal authority to be able to override a global view. 
Global views are conflicting.  Even somethings that are forbidden in one
area as may not be forbidden in another, or may even be mandatory!  Local
legal conclusions should be advisory for the local area.


On Sun, Nov 27, 2011 at 08:12:00AM +0200, Martin Paljak wrote:
>No, they had ecc and I saw no references to hash chains or trees. But that
>would be a right/interesting direction.
>On Nov 27, 2011 12:42 AM, "Adam Back" <adam at cypherspace.org> wrote:
>> I only skimmed the high level but I presume they would be using a merkle
>> hash-tree and time-stamp server or something like that so it cant revise
>> its
>> story later and its current state can be audited by anyone against its
>> advertised information.
>> Adam

More information about the cryptography mailing list