W3C home > Mailing lists > Public > uri@w3.org > April 2001

Re: "tag:" Identification Idea [was: Re: Proposal: 'tag' URIs]

From: Aaron Swartz <aswartz@swartzfam.com>
Date: Mon, 30 Apr 2001 18:19:39 -0500
To: Tim Kindberg <timothy@hpl.hp.com>, "Sean B. Palmer" <sean@mysterylights.com>, Sandro Hawke <sandro@w3.org>
CC: <uri@w3.org>
Message-ID: <B71354B8.A5BE%aswartz@swartzfam.com>
Tim Kindberg <timothy@hpl.hp.com> wrote:

> Your protocol describes
> that encryption as being optional. It's not: otherwise, an attacker could
> seize the value, sign it with their key, and thus later be able to 'prove'
> it went to them.

Actually this isn't true. Assuming that the encryption was simple SSL/HTTP
the difference in security isn't very great. Anyone attacking the machine
itself would have the decrypted key either way. Any attacker snooping on the
packets as they went through could easily execute a man-in-the-middle
attack. Knowing how few users check the certificates carefully and look at
security details, I'm sure it would go by rather unnoticed for most.

> So you demonstrate assignment by possession of a key, I prove it by
> possession of the value. My approach has the advantage that it isn't broken
> if Alice's key is compromised. Your approach has the possible advantage

Actually, if Alice's key is compromised, and you know the date of the
compromise, then you can still trust documents before that date.

> that Alice can directly prove 'she's the one' to principals other than the
> trusted third party. Can you think of any other advantages/disadvantages,
> either way?

I think you get some benefit from the Alice's public key being spread far
and wide, but I'm not sure what it is!

[ Aaron Swartz | me@aaronsw.com | http://www.aaronsw.com ]
Received on Monday, 30 April 2001 19:22:39 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:25:02 UTC