Robot CA at

David Shaw
Tue Dec 10 16:02:01 2002

On Tue, Dec 10, 2002 at 01:32:23AM -0600, Kyle Hasselbacher wrote:
> On Mon, Dec 09, 2002 at 09:36:42PM -0500, David Shaw wrote:

> >Since this system was promoted as part of a special setup for Granny,
> >that special setup can trivially include this configuration.  It
> >doesn't help Granny to involve the web of trust at all.


> It DOES help Alice the Programmer when she writes Granny's software.
> Alice, being a crypto enthusiast, DOES have a way into the web of trust.
> She might even be close enough to me in the web (or more accurately,
> someone who signs me) that she feels comfortable trusting my signature on
> the robot's key.  If she's not that close, she knows how to verify a key on
> her own, and add her signature, which might help the next Bob the
> Programmer do the same thing.

I would hope that Alice the Programmer would take a lot more care than
a link in the web of trust before installing the robot key as a CA in
Granny's software.  The web of trust is good, but it's not nearly
(IMO) good enough to justify installing a new axiomatically trusted CA
on countless copies of a new email client!

The web of trust is a pretty good "just in time" calculation, but for
something like a CA, I'd hope that Alice would contact you directly,
and work out something more airtight.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson