FW: [Dundi] DUNDi popularity
Joseph Ashwood
joe at trustlaboratories.com
Fri Oct 13 14:49:06 MST 2006
----- Original Message -----
From: "Michael Richardson" <mcr at sandelman.ottawa.on.ca>
Subject: Re: FW: [Dundi] DUNDi popularity
> You need the PGP model instead.
> Every DUNDi node needs to be a CA/signer. You can have web-of-trust.
>
> You may also want to look at SPKI:
> (Rivest= R of RSA, Ylonen=SSH)
>
> 2692 SPKI Requirements. C. Ellison. September 1999. (Format: TXT=29569
> bytes) (Status: EXPERIMENTAL)
>
> 2693 SPKI Certificate Theory. C. Ellison, B. Frantz, B. Lampson, R.
> Rivest, B. Thomas, T. Ylonen. September 1999. (Format: TXT=96699
> bytes) (Status: EXPERIMENTAL)
That's more or less exactly what I was thinking in addressing Anders' issue,
then through the certs we have a handoff of trust, and while a single
failure would simply identify the end node (identical to the IP address
failure), a large scale failure (the real problem) would allow tracking of
the bad connectivity point allowing both routing around it, and any
additional remedies allowed under law.
Incidentally, through a small extension of the certificate (already enabled
through most of the options) we can include link tranversal costs, to
address the suggestion made by Jeffrey in a different subthread. With
increased connectivity these values would tend towards 0, but as an uptake
measure it might be of value.
Joe
More information about the Dundi
mailing list