[cryptography] Tell Grandma to remember the Key ID and forget the phone number. [was: Re: Let's go back to the beginning on this]

StealthMonger StealthMonger at nym.mixmin.net
Mon Sep 26 06:28:22 EDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jon Callas <jon at callas.org> writes:

> The nicest thing you say about it is that it replaces an
> identification problem Grandma can understand (how do you know
> that's Amazon -- a store you've never been to before?) with an
> identification problem that she can't (how do you know that's not
> someone who isn't Amazon pretending to be Amazon, a store you've
> never heard of before).

Drill Grandma on one thing:

     FORGET THE TELEPHONE NUMBER.  REMEMBER THE KEY ID.

If she's smart enough to know to write down or remember the telephone
number, she's smart enough to re-channel that to the Key ID.

Merchants and banks proudly and prominently display their Key IDs on
their front pages and with all ads likely to catch Grandma's eye.

The rest is done by a local or on-line cryptographically-secure
directory indexed by Key ID.

Now retire the CAs and forget about them.

- -- 


 -- StealthMonger <StealthMonger at nym.mixmin.net>
    Long, random latency is part of the price of Internet anonymity.

   anonget: Is this anonymous browsing, or what?
   http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain

   stealthmail: Hide whether you're doing email, or when, or with whom.
   mailto:stealthsuite at nym.mixmin.net?subject=send%20index.html


Key: mailto:stealthsuite at nym.mixmin.net?subject=send%20stealthmonger-key

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/>

iEYEARECAAYFAk6AQikACgkQDkU5rhlDCl6iRgCeK6TvOpXjqTZyndKfZ9BWvY93
4TMAmwQX8iYvN0YlTqUUMYWt23Y3Iexn
=WUM1
-----END PGP SIGNATURE-----




More information about the cryptography mailing list