Firewall Wizards mailing list archives

Privacy (Was Re: Rant (Was Re: ...FTP...))


From: John McDermott <jjm () jkintl com>
Date: Tue, 20 Apr 99 10:03:04


--- On Mon, 19 Apr 1999 07:45:49 -0700  David LeBlanc <dleblanc () mindspring com> wrote:

I also think we're going to lose much of the anonymity we currently have 
as we move forward.  As with most things, this will be both good and bad.
I'll leave that argument to another thread.

OK, I'll bite.  I agree with you to a limited extent, but don't protocols 
such as the initial Diffie-Hellman (which provided key establishment, 
really, without authentication) provide a sort of anonymity?  Sure, with 
anonymity one is subject to MITM attacks, etc., but it can be done.

There are schemes being developed (although I know personally of no 
widespread deployment) for anonymous purchasing transactions.

My question is: is there a benefit to deploying a system where we can 
provide anonymity, but still authenticate?  That is, can I send a message 
to a list, for example, as "Joe Blow", which is not my real name :-), but 
still provide, say, a certificate in the name of Joe which assures the 
readers that I am Mr. Blow?  Is there a benefit in that (or in other 
anonymity for that matter)?

I can do this now by getting a certificate from Thawte in any name I want 
to.  Presumably I can do that from other CAs too.  Maybe we can even 
create a special CA for "certificates of anonymity".  This would allow the 
secure transfer of files (as mentioned in the message which started this 
thread) and allow the provider of the file to contact the anonymous 
"accesser" securely, without ever revealing anyone's identity.  The 
question as I see it is, "what good is the anonymity?"  If we can answer 
that, we can possibly provide the system and reap the benefits.

Maybe this should move to phil-sec?

--john




-------------------------------------
Name: John McDermott
VOICE: +1 505/377-6293 FAX +1 505/377-6313
E-mail: John McDermott <jjm () jkintl com>
Writer and Computer Consultant
-------------------------------------
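
An added example, not part of the original message: it shows unauthenticated Diffie-Hellman agreeing on a key with no identity involved, and then the same exchange authenticated under the pseudonym "Joe Blow" with no real name anywhere. Assumptions: the modulus is a toy value, a Lamport one-time signature stands in for the certificate's key, and the `directory` dictionary is a hypothetical stand-in for a "certificates of anonymity" CA.

```python
import hashlib
import secrets

# Assumption: toy modulus for illustration only; real deployments use a standardized DH group.
P = 2**255 - 19
G = 2

def dh_keypair():
    """Return (private exponent, public value) for unauthenticated Diffie-Hellman."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def dh_shared(priv, peer_pub):
    """Derive a 32-byte session key from the peer's public value."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def lamport_keygen():
    """One-time hash-based signing key (stand-in for the pseudonym's certificate key)."""
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    pk = [[hashlib.sha256(s).digest() for s in pair] for pair in sk]
    return sk, pk

def _bits(msg):
    d = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return [(d >> i) & 1 for i in range(256)]

def lamport_sign(sk, msg):
    # Reveal one secret per digest bit; a Lamport key must sign only one message.
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def lamport_verify(pk, msg, sig):
    bits = _bits(msg)
    return len(sig) == 256 and all(
        hashlib.sha256(sig[i]).digest() == pk[i][bits[i]] for i in range(256))

def demo():
    joe_sk, joe_pk = lamport_keygen()
    directory = {"Joe Blow": joe_pk}  # hypothetical pseudonym registry; holds no real name
    joe_x, joe_pub = dh_keypair()
    peer_x, peer_pub = dh_keypair()
    # Plain DH: both sides agree on a key, yet nothing says who the other side is.
    keys_agree = dh_shared(joe_x, peer_pub) == dh_shared(peer_x, joe_pub)
    # Pseudonymous authentication: Joe signs his DH value with the pseudonym's key.
    sig = lamport_sign(joe_sk, joe_pub.to_bytes(32, "big"))
    genuine = lamport_verify(directory["Joe Blow"], joe_pub.to_bytes(32, "big"), sig)
    # A DH value Joe did not sign (e.g. swapped in transit) fails the same check.
    _, other_pub = dh_keypair()
    swapped = lamport_verify(directory["Joe Blow"], other_pub.to_bytes(32, "big"), sig)
    return keys_agree, genuine, swapped

if __name__ == "__main__":
    print(demo())
```

The reader learns only that the DH value came from whoever holds the key registered to "Joe Blow", which is the authentication-without-identity property the message asks about.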


