Re: Global PKI on DNS?

To: Alex Audu <Alex.Audu at ALCATEL.COM>
Subject: Re: Global PKI on DNS?
From: Stephen Kent <kent at bbn.com>
Date: Tue, 18 Jun 2002 17:50:45 -0400
Cc: Ed Gerck <egerck at nma.com>, ietf <ietf at ietf.org>
In-reply-to: <3D0F59ED.77A194FF@alcatel.com>
References: <D9E0SFBURDA5LIJE0443LF4Z31C31.3d082370@www> <v04220818b92ddfce4d1b@[192.168.1.14]> <p05100300b92e529498e4@[128.89.88.34]> <v04220800b92e6c4ffed6@[192.168.1.14]> <p05100309b92e78ae8c66@[128.89.88.34]> <v04220809b92ec39457b0@[192.168.1.14]> <p05100302b92f88e781b6@[128.89.88.34]> <v04220801b92fc048a27a@[192.168.1.14]> <p0510030eb92fd2d2dfa0@[128.89.88.34]> <v04220806b92fe659b3bf@[192.168.1.14]> <p05100315b92ffe1b0b50@[128.89.88.34]> <v0422080cb9301e14cbdf@[192.168.1.14]> <p05100302b9339bd7f9f6@[128.89.88.34]> <3D0E0089.79DFECB8@nma.com> <3D0F59ED.77A194FF@alcatel.com>
Sender: owner-ietf at ietf.org

At 11:03 AM -0500 6/18/02, Alex Audu wrote:

Ed,

You made some interesting points which leads me to wonder if
we can define Trust in such a way that its parameters are verifiable,
then we can verify that it is transitive. In other words, if Jon gets
a dollar from Mike, and Jon can verify the parameters of the dollar,
then Jon doesn't care about the "trustworthyness" of  Mike's source.
Or should he?

Regards,
Alex.


I didn't want to comment on this example, but your message forces me to do so.

Jon verifies the dollar, which is a bearer credential, and not Mike, the person from whom he received the dollar. (The dollar could have been stolen by Mike!) This example says nothing about transitivity of trust.

Steve

Follow-Ups:
- Re: Global PKI on DNS?
  - From: Alex Audu
- Re: Global PKI on DNS?
  - From: Einar Stefferud

References:
- Re: Global PKI on DNS?
  - From: Chris Evans
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Einar Stefferud
- Re: Global PKI on DNS?
  - From: Stephen Kent
- Re: Global PKI on DNS?
  - From: Ed Gerck
- Re: Global PKI on DNS?
  - From: Alex Audu

Prev by Date: RE: about certificate?
Next by Date: Re: Global PKI on DNS?
Previous by thread: Re: Global PKI on DNS?
Next by thread: Re: Global PKI on DNS?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Global PKI on DNS?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.