
Re: "tag:" Identification Idea [was: Re: Proposal: 'tag' URIs]

From: Aaron Swartz <aswartz@swartzfam.com>
Date: Sun, 29 Apr 2001 13:47:00 -0500
To: Tim Kindberg <timothy@hpl.hp.com>, "Sean B. Palmer" <sean@mysterylights.com>, Sandro Hawke <sandro@w3.org>
CC: <uri@w3.org>
Message-ID: <B711CBD3.A42D%aswartz@swartzfam.com>

Tim Kindberg <timothy@hpl.hp.com> wrote:

> I sent an email containing tag:timothy@hpl.hp.com;1 to www-uri-tag@w3.org
> on 2001/1/. That registry sent me a signed statement saying 'the possessor
> of value v has the right to mint tags of authority timothy@hpl.hp.com;1',
> where v is an effectively unguessable one-off value that was returned
> encrypted in the same email, so that only I can read it. Now I have a
> capability (in the security sense) for that authority: if I can satisfy
> www-uri-tag@w3.org that I possess v (which I can easily do), it can affirm
> my right to the authority.

Yes, Sean's plan was noticeably lax in the security department. However,
your proposal is also flawed in that the only way to prove you own the term
is by providing the random number. As soon as you do that, I can steal it
and claim that I was the one who registered the tag. An improved proposal is
below:

It seems there's a basic operation that you want to do with an email
address: send a random number to the address and have the user reply with
that random number and whatever authorization (digital signature,
description of command, etc.) is necessary. Then make the reply publicly
available if the random number matches. This solves many use cases.

Note that this system is still vulnerable to malicious eavesdroppers. To solve
this, use public key encryption (and be sure that encrypt(msg,alice,bob) !=
encrypt(msg,bob,alice)). Of course now you're open to a man-in-the-middle
attack, but what're you going to do?

If you wanted to do this for historical purposes the :

User = Alice
W3C = Trent

    - Alice sends a registration request to Trent.
    - Trent sends back an (optionally encrypted) random number.
    - Alice (decrypts and) signs the number and sends it back.
    - Trent posts the signed message, date and mailbox on his website.

Now anyone can verify the signature on the message and know that the person
with that key had access to that mailbox at that time.

Anyone want to set this up? Has anyone done this?

Idea archived at: http://logicerror.com/verifyEmail

-- 
[ Aaron Swartz | me@aaronsw.com | http://www.aaronsw.com ]
Received on Sunday, 29 April 2001 14:49:15 UTC
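
The four-step Alice/Trent exchange from this message as a runnable sketch, added here and not code from the original post. Ed25519 stands in for whatever signature scheme Alice would use, e-mail delivery is simulated by a return value, and the names `Trent`, `Record`, `Statement`, `Check` and the `verify-email` statement format are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"time"
)

// Record is what Trent publishes: the signed message, the date and the mailbox.
type Record struct {
	Mailbox, Message string
	Sig, Key         []byte
	Date             time.Time
}

type Trent struct{ pending map[string]string } // one outstanding nonce per mailbox
// Challenge returns the nonce Trent would e-mail to mailbox (delivery is simulated).
func (t *Trent) Challenge(mailbox string) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	t.pending[mailbox] = fmt.Sprintf("%x", b)
	return t.pending[mailbox]
}

// Statement is the assumed text Alice signs; Check is what any third party runs on a record.
func Statement(mailbox, nonce string) string { return "verify-email " + mailbox + " " + nonce }
func Check(r Record) bool { return len(r.Key) == ed25519.PublicKeySize && ed25519.Verify(r.Key, []byte(r.Message), r.Sig) }

// Accept publishes a record only if sig covers the nonce pending for mailbox.
func (t *Trent) Accept(mailbox string, key ed25519.PublicKey, sig []byte) (Record, error) {
	nonce, ok := t.pending[mailbox]
	msg := Statement(mailbox, nonce)
	if !ok || len(key) != ed25519.PublicKeySize || !ed25519.Verify(key, []byte(msg), sig) {
		return Record{}, fmt.Errorf("reply does not match a pending challenge for %s", mailbox)
	}
	delete(t.pending, mailbox) // one-time nonce: a replayed reply is rejected
	return Record{mailbox, msg, sig, key, time.Now().UTC()}, nil
}

func main() {
	const mbox = "alice@example.org" // constructed mailbox
	t := &Trent{pending: map[string]string{}}
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	rec, err := t.Accept(mbox, pub, ed25519.Sign(priv, []byte(Statement(mbox, t.Challenge(mbox)))))
	fmt.Println(rec.Message, Check(rec), err)
}
```

As the message notes, anyone who reads the nonce in transit can sign it with their own key, which is why the challenge is optionally encrypted to Alice.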
