[messaging] contrasting introduction secrets with public key fingerprints [was: Re: "Pseudoword" base32 fingerprints]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Feb 6 17:21:05 PST 2014

On 02/05/2014 10:12 PM, Trevor Perrin wrote:
> I also think that fingerprints and
> "introduction secrets" may be complementary instead of mutually
> exclusive.

This is an important point -- these two ways of peer authentication
actually have pretty different semantics, and both semantics are
important in different use cases.  in particular:

Introduction Secrets
 * private
 * ephemeral
 * active
 * one-to-one (unicast)
 * third-party introductions are trackable/spoofable by the introducer

 * public
 * persistent
 * passive
 * one-to-many (broadcast)
 * third-party introductions can be both "blind" (the introducer doesn't
know who is using the introduction) and auditable (the introducer can be
held to account for spoofing).

it would be great to talk over some of the tradeoffs here if folks are
interested (though i'm happy to let the fingerprint discussion wrap up


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140206/fbd149df/attachment.sig>

More information about the Messaging mailing list