Army signals security & "Clansmen" series radios

Dave Howe ukcrypto at maillist.ox.ac.uk
Fri, 8 Sep 2000 00:52:11 +0100 

> Not so. To follow your line of argument, if someone was authorised to tell
> you who, when and to what level to trust another, you would never require
to
> ask your question. All you need to know is that the party is indeed
> authorised to provide you the requisite parameters. For the question of
> trust is dealt with at some other level.
That is basically the same thing. you have to evaluate the reliance you
place in the above party to correctly supply you with the parameters; if you
evaluate that trust by saying "this person has been assigned to do this by
my superior, and therefore is the correct person to do this" then you have
still defined your trust relationship with this person, and hence to the key
material he supplies.

> Not so. Orders - direction - if you prefer must always be communicated
down
> the hiearchical tree but the majority of communications - including secure
> communication is of a coordinating nature and is lateral or 'all informed'
> in movement rather than vertical within the organisation. In fact the
> distinction in patterns and volumes of movement between 'command' and
> control/coordinating communications is an important one.
I can accept that, yes - but surely permission to join or leave such a
secure comms group is itself assigned via the hiearchical tree?

> If the WoT is assured by all key issue or key signature being by a common
> and trusted third party, you might be right in the first part. Certainly
that is
> well achievable within a hierarchical organisation.Nor do all PK systems
> have to rely on a WoT. Nevertheless the balance of advantage for a
> general adoption of PK cryptosystems for communication within hierarchical
> organisation had yet to be demonstrated, I believe.
I will take your word for it - I don't know of any proof, either; I was just
asserting that the PGP-style mechanism could support, as a subset,
hiearchical assignment of trust.

> > >'You will trust me' A soldier does what he does not because he trusts
> > >the officer, but because he bloody well just must.
> Sigh... It's really just a bit more complex that that. Trust me :-)
Not my text :+)

[snip group interdependency stuff] But you knew that really, didn't you?
no, I am sure it comes as no surprise to you that I didn't - but it makes
sense.
however, I am curious to know how far this extends up the tree, before a
stricter chain-of-command based model (where my original semi-throwaway
opinion was pointing) takes over.