[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] GNotary

From: Sebastian Hilbert
Subject: Re: [Gnumed-devel] GNotary
Date: Tue, 30 Aug 2005 09:23:37 +0200
User-agent: KMail/1.8.2

On Tuesday 30 August 2005 02:23, Syan Tan wrote:
>the problem with the networked gnotary idea seemed to be uptake : would
> people who ran gnotaries always be independent ?

>Hashing the logs and publishing it in a paper seems to be a good idea. At a 
document level, if the document was a program and the program was 
obfuscatable, and the hash was md5 , then you could do the
> 2-documents-in-1-with-switching-on-the-identically-hashing-appended-block
> attack.

The hash is not md5 nut sha256 and ripmd160. I hope this makes a differences. 
If not. Tough luck. 

Why would people who ran notaries not be independent. They could build a 
network and share customers, thus allowing the customer to use any of the 
notaries in the network. But they don't have to.

What many people don't understand is the fact that it is up to the customer to 
obtain the hashes we don't care which hash you send us. If you use md5 client 
side or something weaker this is entirely your problem. You could even send 
us plaintext strings in your mail. Why would the GNotary server care ? 

It is our duty to sign what you send us. It is not our duty to keep you from 
sending us stuff that does not make sense. Our service is to *help* you being 
able to tell that the hash you produce in a couple of years matches the one 
you sent us years ago and which we signed.

What about the real world ? If you find a notary who publicly states that the 
document you provide today is genuine who tells you you did not buy this 
person. In relaity it is even easier. There is not math behind a notary 
person. It is their word that counts.

With GNotary it is the math plus their word. So it would make sense for a 
reallife notary person to run a GNotary service.

Sebastian Hilbert 
Leipzig / Germany
[]  -> PGP welcome, HTML ->/dev/null
ICQ: 86 07 67 86   -> No files, no URL's
VoIP: callto://address@hidden
My OS: Suse Linux. Geek by Nature, Linux by Choice

reply via email to

[Prev in Thread] Current Thread [Next in Thread]