[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ga] Registration process suggestion
I think a solution that relies on access to a CA will be biased against
most of the world. CAs are not accessible to most people in most
countries, at least not yet. then there's the problem of concentration in
the CA market .... we don't have a clear idea of what a trustworthy
identity cert is likely to cost in even the near future.
If a lower-tech system can prevent most fraud, or make it hard, that may
be good enough. Postcards, anyone?
On Thu, 3 Feb 2000, Roeland M.J. Meyer wrote:
> There are two problems extant.
> 1) Aliasing and masquerading, usurping someone else's email identity.
> 2) Multiple identities for the same individual.
>
> The first one is easily automatable.
>
> a) Voter registration system has PK set
> b) Voter registration system *is* a voter CA.
>
> 1) Voter generates/obtains x.509 key set (see your local CA)
> 2) Voter submits registration form along with public key and CRL.
> 3) System return, via email, voter CA certificate.
>
> All further email, both ways must be signed, after this point, including ALL
> discussion list submissions. Those not signed or failing certification do
> not get posted.
>
[...]
--
A. Michael Froomkin | Professor of Law | froomkin@law.tm
U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285 | +1 (305) 284-6506 (fax) | http://www.law.tm
-->It's warm here.<--