-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On Sun, 29 Aug 2004, Jonathan Morton wrote:
a practical implementation of a system using shared secrets would be an absolute nightmare on anything approaching the scale of email. if anyone can explain a feasible (secure, trusted, invisible to end users, etc) system of key exchange, i'd enjoy hearing about it.
I think I've already described it. Let me go over your points one by one:
- Scalability. Each key is known only to it's singular sender and singular recipient. There is no central authority of any kind, and no need to send revocation notice to multiple people. Therefore it will scale indefinitely.
=================
- Security. The key is sent across the wire once (in the common case), in plaintext. This is considerably more secure than the subsequent storage of the key on the participating computers, in today's Internet, and I believe this is sufficient.
==================
- Trusted. Each key is only accepted into the recipient's whitelist if it comes with high-value hashcash *and* the recipient has already sent mail to the sender. This establishes that a consensual two-way conversation is in progress, which is the entire point of the exercise.
==================
- Invisible. Yes, it is.
================
...atom
_________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 -------------------------------------------------
"When a man calls an animal vicious that usually means it will try to protect itself when he tries to kill it." -- Rick McIntyre, "A Society of Wolves" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJBMpIHAAoJEAx/d+cTpVciZyYIAIka0lkGWRfDwQUUd/AAigXS Kj52tDYuklw9RJ9YMKIFD0F6EX2BXZdrEEXuoYRANs46ENl23U7ESdLtgif/zrkc 6RrLvQfiRZMLBZ7DBExQ6xV2/YCdMVlXE1GlL3rovviw7GAKiEnqHyY9cgICbYKt z/U1NgLejt6w5SqN47Wa8gZsNbm6XsqBJOPbYNpU/srDy0kOGCrmzBj8VmOeck1L TCgdHEMzz2J6feJa705HlSl5Y3lgRU+tlH0Flmwq2TMBiT7Cx3SsuazG5GfhU1FI oz93Tq1P/Tqx5mPpl1b0Vcjs/fP2UX7EixKptci8RCw7IggSFHVcUJLacuEWvoU= =Lv6F -----END PGP SIGNATURE-----