
cacert - Re: Member with unnormal amount of accounts

Subject: A better approach to security

  • From: Ian G <iang AT cacert.org>
  • To: cacert AT lists.cacert.org
  • Subject: Re: Member with unnormal amount of accounts
  • Date: Mon, 08 Feb 2010 18:03:36 +0100

On 07/02/2010 23:32, Lambert Hofstra wrote:

> One could think of for instance allowing a member to add a nickname in
> your cert (like peter.pan AT neverland.org).

I can see a few ways of doing this. One is to write a subsidiary policy under AP that allows for how to verify nicknames; another is to add another subroot that allows unverified nicknames.

Verifying nicknames is an oddity. Do we verify it by existence? Or by usage? Or claim?

E.g., we could state that assurers allocate a small number of points for it, so it becomes available only to people who get assured a lot; this proves some sort of existence-by-persistence. But that might be discriminatory, and/or anti-privacy, by forcing people to use/reveal their nickname in public (or 25 assurances) first.

Or, do we verify the nickname by simple statement? As long as a member states its existence & use, with some minor checks, we accept it? "Iang states iang exists, CARS." Or, in a single assurance, as recorded on a CAP, so we have the paper evidence. This would be like a "statutory declaration" in the anglo world, a simple statement made "with penalty of perjury" or somesuch.

Another way is to have a subroot of unverified names. So those who are keen on relying on the Name as strongly verified back to the government ID (for whatever reason) could filter on that subroot. It is also possible to add various special flags into the cert ... but I don't think it is so easy to read those.


> However, CAcert somehow needs
> to verify the real identity of the account owner, so the account should
> at least have an official name of the owner. Official as in: written in
> an official ID document.


Right, so the point of Assurance is strongly related to establishing the membership status of that person, and tying the member to her account; usage of the verified information is a separate issue dealt with in CPS not AP.

What this might mean is that as we get more confidence in the account-member linkage, we might allow the person more freedom in names. E.g., verified nyms for 50-point members and fantasy names for 100 point members.

Just some thoughts.



iang
