[cryptography] The Government and Trusted Third Party
James A. Donald
jamesd at echeque.com
Sun Sep 18 17:21:25 EDT 2011
On 2011-09-19 2:32 AM, Marsh Ray wrote:
> The entire concept of a "preexisting relationship" adds new state to the
> client endpoint (the web browser). This might seem like a small thing,
> but it really isn't. To the extent a solution built on this
> observation is effective, this state is also security critical.
> Now that we have security critical state in the user's web browser, it
> add a lot of complication to the user interface.
Need to distinguish between relationships, and existing knowledge of an
A pre-existing relationship is a logon. Browsers have to explicitly
support logons with zero knowledge proof. This requires substantial
additional user interface, as logon has to be part of the chrome, not
part of the web page:
There are three cases:
Bob recommends Ann to Carrol, Bob needs to give Carrol an unforgeable
reference to Ann: That is a yurl.
Bob knows that Ann is good, wants to make sure he is connecting to the
same entity as last time. That a yurl in his bookmarks.
Bob has a relationship with Ann. That is logon or shibboleth, needs a
zero knowledge proof to establish a connection.
That seems to cover all the cases, including the case that SSL/PKI was
designed for: Identifying the real retailer is a job for yurls, not
certificates, and a credit card number is a shared secret, a job for
zero knowledge proof. Your credit card number is just a low security
logon with your credit card issuer.
More information about the cryptography