On Aug 28, 2013, at 8:52 AM, Perry E. Metzger wrote:

> On Tue, 27 Aug 2013 23:52:23 -0400 Jerry Leichter <leich...@lrw.com>
> wrote:
>> But none of that matters much any more.  "Publication" is usually
>> on-line, so contact addresses can be arbitrary links.  When we meet
>> in person, we can exchange large numbers of bits between our
>> smartphones.  Hell, even a business card can easily have a QR code
>> on the back.
> 
> Just as an FYI, this describes exactly zero of the times that I've
> gotten people's email or jabber addresses in recent years. Very
> typically people have written them down for me, told them to me over
> the phone, or the equivalent. I've had to read mine over the phone a
> fair bit, too.
The apps to make the transfer easy don't exist, so we still use the old 
mechanisms.  Think about the absurdity:  You have a high-speed digital 
connection to someone, and rather than using it to transfer a couple of hundred 
bits reliably, you encode it ambiguously in an analogue waveform, write it down 
on a piece of paper, then type that data back in.  Yes, it works - but does 
that sound like a rational way to do things?

> I wouldn't know how to trust publication online in the first
> place.
In exactly the same way you trust paper publications that contain today's style 
of addresses.

> 
> "Perry Metzger's email is <big string>"
> "How do I know that's true?"
And exactly how is this different from "Perry Metzger's email is 
pe...@piermont.com"?

> "Because it is encrypted in <big string>"
> "What if that's a lie? I've never heard Perry utter <big string>"
> "What, you don't trust me? No dishonest person has a web server!"
> 
> If someone tells me they're f...@example.com, and I have a trustworthy
> way of mapping f...@example.com into a long lived key (see my first
> message in this sequence of three that triggered this discussion),
> life is a lot better.
A minority of people have addresses that are easy to remember.  Most - by far 
the majority - have some random-looking set of letters and digits with some 
part of their first or last name or a nickname embedded somewhere inside at 
gmail or yahoo or some institution.  You can say "Well, if everyone has their 
own server, then they can pick their own name" - but then you end up with 
non-memorable domain names.

Frankly, I have trouble remembering the last time I got someone's email address 
by having them tell it to me.  Most addresses come to me these days from LDAP 
or a similar institutional database; or embedded in a mail message (like one of 
the ones on this list); or printed somewhere.  Since I got a domain name way 
back when it was actually possible to get three-letter names, I have an address 
that's reasonably easy to tell people - so I'll often tell them, after they've 
rattled off something I'll certainly forget within minutes - "write to me at 
leich...@lrw.com so I'll have your address".  :-)
> I think this alone is a lot of why X.500 died
> so fast compared to SMTP -- the addresses were simply untenable, and
> they were at least in theory human readable.
X.500 died because everything it was connected to died.  And in the end it 
never actually got to the point where it solved anyone's problems.

> Anyway, I've already started implementing my proposed solution to
> that part of the problem. There is still a need for a distributed
> database to handle the lookup load, though, and one that is not the
> DNS.
It's perfectly reasonable to have human-name-to-computer-identity maps.  It's 
certainly something I depend on all the time at a local level:  Mail.app knows 
tons of addresses I use, and if all else fails I can, and do, search my 
previous emails to find someone's address.  (That makes for a much more 
flexible, and useful, person database than any stand-alone database I've seen:  
I can search based on anything I can remember about the person, such as what he 
wrote about, when we last corresponded, who else was involved in the 
conversation.)  Large institutions have their own internal databases.  But a 
global database seems rather pointless to me.  There are too many people with 
similar names.  Try using LinkedIn to find someone who you only know a bit 
about by name.  Sometimes it works; sometimes you find ten people who *might* 
be the person you're looking for.

The whole notion of talking securely to someone who you yourself have no way of 
specifying uniquely is incoherent.  No clever implementation can help.

                                                        -- Jerry


> Perry
> -- 
> Perry E. Metzger              pe...@piermont.com

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography