It's been a while since I studied cryptography in any detail, but to test the validity of your signature on the key, I would have to use your public key. In this case I'd be using a compromised key, so of course it would show as OK.
It seems to me the best way to handle PKI is to have several independent (preferably non-profit) corporations that each provide compatible infrastructure operating on different software platforms.
Each body would be responsible for setting their own standards for identification, etc. Also each would have to determine their own policies for handling search warrants, wiretaps etc. These policies should be publicly known.
As a user, I can select one or more key servers to provide key information for me. If I am paranoid, I can sign up for many key servers. Other users can decide which PKI bodies they will accept keys from. Automated systems can be set up to catch discrepancies between different PKI bodies. Software can be configured to automatically check multiple PKI providers.
Natural places to provide identity verification services to a PKI body are Post Offices, banks, DMVs.
Driver's licenses are a reasonable form of ID. Fakes are obtainable. Generally, if the police/state wants evidence to use in court, they have to obtain it through the use of search (wiretap) warrants. Faking DLs and using them to falsely change information in a PKI body would likely make information obtained inadmissible (unless you are an enemy combatant, then they'll just torture you until you confess and then throw away the key). That tends to restrict them to serving warrants to the PKI bodies directly. If I am super paranoid, and I keep 15 PKI server accounts, then John Law must serve 15 warrants to 15 different bodies, and they must be executed in something close to lockstep if they are going to pull a switcheroo without me noticing. If even one body refuses to comply then I should start seeing red flags as the PKI bodies start to disagree about my key.
With any number of PKI bodies, I could monitor my keys to make sure that they are correct. Of course an evil PKI server could be configured to tell people who it thinks are me (by IP address perhaps) that my key is the correct one, while passing the tweaked key to everyone else. Multiple independent servers make this harder to achieve.
All this sounds great to me, but I am not a cryptographer. Bruce Schneier could probably poke a dozen gross holes in this scheme before his morning coffee. One thing that stuck with me about cryptography, is that protocol design is hard, key exchange is hard and algorithm design is hard--don't build production systems yourself (unless you have spent years gaining mastery of the field), stick to known and publicly evaluated systems. 99% of the time if Eve wants to listen in, she won't crack your cypher, she will find a hole in your protocol and exploit it.
TGI says moo
In reply to Re^5: OpenID alternatives, what do you suggest
by TGI
in thread OpenID alternatives, what do you suggest
by zentara
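An added illustration of the cross-checking scheme in TGI's post above (checking one identity's key against several independent PKI bodies, and catching a server that shows the owner one key and everyone else another). This is not code from the thread or from any real key-server software: the server names, IP addresses and key material are constructed sample data, and each "key server" is modelled as a plain function that answers a lookup, so it runs offline.

```python
"""Cross-check one identity's public key across independent PKI bodies.

Added example, not from the thread. Servers, IPs and key material are all
constructed sample data; a "key server" is just a function (identity,
client_ip) -> key bytes, so no network access is needed.
"""
import hashlib
from typing import Callable, Dict, List

# Constructed sample key material (not real keys).
KEY_GOOD = b"-----BEGIN PUBLIC KEY-----\nALICE-GENUINE-KEY\n-----END PUBLIC KEY-----\n"
KEY_EVIL = b"-----BEGIN PUBLIC KEY-----\nALICE-SWAPPED-KEY\n-----END PUBLIC KEY-----\n"

OWNER_IP = "203.0.113.7"       # hypothetical: where Alice checks her own key from
OUTSIDER_IP = "198.51.100.42"  # hypothetical: an unrelated vantage point (a friend, a VPS)

# A key server is modelled as: (identity, client_ip) -> public key bytes.
KeyServer = Callable[[str, str], bytes]


def fingerprint(key: bytes) -> str:
    """Hex SHA-256 of the key bytes; this is what gets compared between servers."""
    return hashlib.sha256(key).hexdigest()


def honest_server(key: bytes) -> KeyServer:
    """Serves the same key to everyone who asks."""
    return lambda ident, client_ip: key


def split_view_server(owner_ip: str, real: bytes, fake: bytes) -> KeyServer:
    """The evil server from the post: the owner (picked out by IP) sees the
    genuine key, everyone else is handed the swapped one."""
    return lambda ident, client_ip: real if client_ip == owner_ip else fake


def owner_check(servers: Dict[str, KeyServer], ident: str,
                owner_ip: str, expected_fp: str) -> List[str]:
    """What the owner can do alone: ask each server from their own address and
    list the servers whose answer is not the expected fingerprint."""
    return sorted(name for name, srv in servers.items()
                  if fingerprint(srv(ident, owner_ip)) != expected_fp)


def cross_check(servers: Dict[str, KeyServer], ident: str,
                owner_ip: str, outsider_ip: str) -> Dict[str, object]:
    """Query every server from both vantage points and report red flags.

    split_view: servers whose answer depends on who is asking
    views:      fingerprint -> servers that serve that key to outsiders
    consistent: True only if every server shows outsiders the same key
    """
    split_view: List[str] = []
    views: Dict[str, List[str]] = {}
    for name in sorted(servers):
        srv = servers[name]
        fp_owner = fingerprint(srv(ident, owner_ip))
        fp_out = fingerprint(srv(ident, outsider_ip))
        if fp_owner != fp_out:
            split_view.append(name)
        views.setdefault(fp_out, []).append(name)
    return {"split_view": split_view, "views": views,
            "consistent": len(views) == 1}


# Constructed scenario: two honest bodies and one that plays the switcheroo.
SAMPLE_SERVERS: Dict[str, KeyServer] = {
    "pki-a": honest_server(KEY_GOOD),
    "pki-b": honest_server(KEY_GOOD),
    "pki-c": split_view_server(OWNER_IP, KEY_GOOD, KEY_EVIL),
}

if __name__ == "__main__":
    ident = "alice@example.org"
    print("owner-only check:", owner_check(SAMPLE_SERVERS, ident, OWNER_IP, fingerprint(KEY_GOOD)))
    print("cross-check     :", cross_check(SAMPLE_SERVERS, ident, OWNER_IP, OUTSIDER_IP))
```

Checking only from your own address is exactly the blind spot the post describes: pki-c lies to everyone except the owner, so owner_check reports nothing. Comparing what an outside vantage point sees against what the owner sees, across all the bodies, is what surfaces both the split view and the disagreement between servers. The check still cannot catch bodies that all collude and serve the same swapped key to outsiders, which is why the post puts weight on the bodies being independent.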