[FoRK] Re: identity-based encryption
lgonze at panix.com
Tue Feb 10 09:43:05 PST 2004
As much respect as I have for yurls, Tyler, I believe your dismissal of
secure memorable names is a mistake. The action in memorable names
happens in a scope between perfectly global names like public keys and
perfectly private names like pet names. This is the context that
allows branding to work for huge blocks of people without requiring
that they work for everybody; for example, the scope of a car name is
typically national. It is also the context of Google "I feel lucky",
which works very well for some names and badly for others.
And really, I think that midrange scope is the only one that matters.
It can't be dismissed because it is the main thing.
It is best to take Zooko's triangle as a useful koan rather than a law.
On Tuesday, Feb 10, 2004, at 00:51 America/New_York, Tyler Close wrote:
> On Mon February 9 2004 08:07 am, Meltsner, Kenneth wrote:
>> Interesting stuff,
> No, it's not. It's ridiculous. It is a repetition of the same
> mistakes that were made in the conception of the PKI. A global,
> human-memorable namespace is inherently insecure. Such a namespace
> puts the act of recognition in the hands of the attacker. You
> can't expect secure collaboration when the attacker gets to tell
> you who you should think he is. A global namespace means that the
> name used to refer is the same as the name used to recognize. It's
> an age old way to trick a human. Secure collaboration between
> humans requires local namespaces. See:
> The union of REST and capability-based security.
> FoRK mailing list
More information about the FoRK