l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Restricted storage

From: Jonathan S. Shapiro
Subject: Re: Restricted storage
Date: Thu, 01 Jun 2006 05:21:21 -0400 
On Thu, 2006-06-01 at 10:20 +0200, Bas Wijnen wrote:
> On Wed, May 31, 2006 at 08:23:53PM -0400, Jonathan S. Shapiro wrote:
> > Indeed. And while we are about it: where do you propose to store keys
> > that are used for group signatures?
> 
> In some place that cannot be destroyed by any of the members of the group, but
> only by the group administrators.  That is, in a special user account created
> specially for that group.

Ah. So you propose that the computational "right of assembly" should be
present only with the consent of the system administrator?

> > The objects holding such keys must be shared, and all parties need to be
> > able to verify the storage safety and the identity (in the sense of "what
> > binary is executing here") of the key management object.
> 
> Yes.  They can do that socially.

No. The entire point of the need to verify is that you *can't* do that
socially, because you are forming a collaboration in which the parties
do not have absolute trust in each other. Where absolute trust exists,
no verification is necessary.

I will note only that absolute trust has never been observed in the
wild, and people have been looking for it since (at least) the beginning
of recorded history. And I don't just mean computationally.


shap
reply via email to
[Prev in Thread] Current Thread [Next in Thread]