Trustworthy contacts
Carl Ellison
ukcrypto at maillist.ox.ac.uk
14 Sep 2000 06:50:58 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 07:08 PM 9/9/00 +0100, David Hansen wrote:
>On 9 Sep 00, at 11:12, George Foot wrote:
>> which has lamentably been seized upon by
>> energetic but shortsighted interests as a basis for an e-commerce
>> framework which has been enshrined in law before it has been tested in
>> practice.
>
>The alternative to a public key system for e-commerce would be a
>secret key system. I doubt very much if key management could be done
>with such a system.
This is a false comparison. The flaw in PK systems isn't the cryptography
but the human behavior around it. The use of names, for example, breaks
down when the number of named things exceeds 2 raised to the entropy of the
names people can effectively use (remember, type accurately, etc.) or, in
cases of directory operations (or PKIs), exceeds the square root of that
limit because of the birthday paradox.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
iQA/AwUBOcDXwXPxfjyW5ytxEQJ0MACeMoBYZZfQi2RYTPsP+p7Afo/R0EEAn20h
10FKUgWns0tFj5LnAqt85tF5
=Yhp9
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@acm.org http://world.std.com/~cme |
| PGP: 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+
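
The two limits named in the message above (2 raised to the name entropy, and its square root for directories), worked through in Python as an added example that is not part of the original post. It assumes names are drawn uniformly and independently; the entropy figures, the 50% threshold and the function names are chosen here for illustration.

```python
import math
import random

def collision_probability(entropy_bits, population):
    """Exact chance that at least two of `population` entities share a name
    when names are drawn uniformly from 2**entropy_bits possibilities."""
    space = 2.0 ** entropy_bits
    if population > space:
        return 1.0  # pigeonhole: more entities than distinct names
    # log P(all names distinct) = sum log(1 - i/space); log1p keeps precision
    log_distinct = sum(math.log1p(-i / space) for i in range(population))
    return -math.expm1(log_distinct)

def directory_limit(entropy_bits, max_collision=0.5):
    """Approximate population at which the collision chance reaches
    `max_collision`, from p ~= 1 - exp(-n^2 / (2 * space))."""
    space = 2.0 ** entropy_bits
    return int(math.sqrt(2.0 * space * math.log(1.0 / (1.0 - max_collision))))

def simulate(entropy_bits, population, trials=2000, seed=1):
    """Monte Carlo check: fraction of trials in which some name is reused."""
    rng = random.Random(seed)
    space = 2 ** entropy_bits
    hits = 0
    for _ in range(trials):
        seen = set()
        for _ in range(population):
            name = rng.randrange(space)
            if name in seen:
                hits += 1
                break
            seen.add(name)
    return hits / trials

if __name__ == "__main__":
    for bits in (16, 20, 24):  # constructed entropy figures, not from the post
        root = int(math.sqrt(2 ** bits))
        print(f"{bits} bits: {2 ** bits} names, "
              f"P(collision) at sqrt = {collision_probability(bits, root):.3f}, "
              f"50% point = {directory_limit(bits)}")
    print("simulated, 16 bits, n=301:", simulate(16, 301))
```

With 20 bits of usable name entropy there are about a million distinct names, yet a directory holding only about a thousand entries already has a collision chance near 39%.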