Re: Global PKI on DNS?

[Stephen Kent <kent at bbn.com>]

At 2:54 PM -0700 6/13/02, Einar Stefferud wrote:
> At 2:15 PM -0400 6/13/02, Stephen Kent wrote:
>
> [snip]... [snip]... [snip]... [snip]... [snip]... [snip]... 
> [snip]... [snip]...
> > You are the one who keeps saying that trust is transitive. I'm the 
> > one saying that it's not, and that a DNS-based PKI does not imply 
> > transitive trust.
> >
> > <rest of message deleted, since it didn't say anything new, 
> > constructive, or generally relevant to the topic ...
> >
> > Steve
>
> I am simply astounded.  Where in my texts have I said that trust is 
> ever transitive.
>
> I asked on for an explanation of why some in this list think trust 
> is transitive.
> And I cited the only instance I can think of where it might be 
> transitive by mutual agreement between a SPY and her handler!  But 
> this is not to be construed as my "saying that trust is transitive."
>
> If you can find he message and the text where I state that trust is 
> transitive. please return the message to me so I can compare it with 
> the copy of it that I kept in my outgoing mail folder.
>
> For clarity, I will now more simply restate my QUESTION:
>
> Explain for me (and others here) how trust is ever transitive!
>
> That is what I am really driving at.  I don't think you can prove it.

Stef,

I should have said that you are the one who keeps focusing on the 
question of whether trust is transitive, not that you said it was 
transitive.

You keep trying to cast this as a debate about the transitivity of 
trust, and I keep saying that it is not.

I made a slight type in my message, as you cited above.

You keep ignoring what I have said about the irrelevance of trust in 
a PKI where CAs are authoritative for the data they bind into certs.

As Tina Turner would have said, "What's trust got to do with it?"

Steve