RE: Global PKI on DNS?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Title: RE: Global PKI on DNS?

There appears to be two main points of contention about PKI on DNS.  Using the dollar analogy

1. Uniqueness
        How does Jon know that the dollar Jon received from Mike is a dollar?
       
        A dollar has specifications that tell you it's a dollar (type of paper, ink, micro printing, etc)

        Each dollar has a unique serial number. If you find two dollars with the same serial number, then you know that one of them is not a real dollar.  They key is in the storage of that information.  There must be a place(s) (Federal Reserve) where there is a record of who the dollar was issued to.

2. Ownership
        How does Jon know that the dollar he received from Mike was Mike's?

        Uniqueness by itself does not imply ownership.




>From: Einar Stefferud [mailto:stef@nma.com]
>Sent: Tuesday, June 18, 2002 7:45 PM
>To: ietf
>Subject: Re: Global PKI on DNS?
>
>None of this, whether the dollar was stolen or not, has any impact on
>the trustworthiness of the original dollar, as it is a bearer note,
>and a dollar stolen is a dollar earned in some quarters.
>
>Just like car manufacturers consider a car stolen to be a car sold,
>unless it was stolen from the manufacturer.
>
>We trust the intrinsic appearance of the dollar bill.
>
>Or the pink slip for car ownership, but do not trust the car without
>its pink slip.
>
>Now, if I give you a check, and you give my check, made out to you,
>endorsed to someone else, the recipient, if she accepts it is relying
>on the transitivity of trust, whether such reliance is reliably
>transitive or not.  Most people in the US will not accept such
>checks, but in some countries, such checks circulate for a long time
>and some are never cashed.
>
>The real underlying issue here is reliance, and as Ed has pointed
>out, reliance depends on more than the bearer saying "Trust Me!"
>which is a single channel of communication.  In the case of a dollar,
>it depends on the perceived ability to find a greater fool to accept
>it at face value,
>as in the act of buying or selling common stock shares.
>
>This is why "Trust Me!" is generally considered a joke and why most
>people laugh at it, whether they understand the formal logic of the
>humor or not.
>
>But it is clear that trust is not some simple property of objects!
>It is much more complex and depends on subjective evaluations of its
>value, gennerally incorporating many bits of information from
>multiple channels.
>
>Cheers...\Stef
>

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]