[OpenID] why is xri so obtuse?
James A. Donald
jamesd at echeque.com
Tue Jan 2 23:36:22 UTC 2007
James A. Donald
> > > > > > A full implementation of Zooko's triangle is
> > > > > > multi rooted, and functions similarly to the
> > > > > > way we handle actual human names or words in
> > > > > > the English language. You don't have to
> > > > > > apply to anyone for permission to use a
> > > > > > name, or pay a fee to someone for use of
> > > > > > that name, nor can that name be suddenly
> > > > > > taken away from you after you have developed
> > > > > > a lot of customer loyalty towards that name.
> > > > > But you most likely do have to apply to
> > > > > someone for the key, which is the important
> > > > > part of the system.
James A. Donald:
> > In that proposed implementation,
> > [http://www.skyhunter.com/marcs/petnames/IntroPetNam
> > es.html] the keys are public private key pairs, so
> > you do not have to apply to anyone for them. Public
> > private key pairs are always self generated.
> Self-authenticating, yes, but self-generating key
> pairs are never "securely unique," a requirement of
> the system.
Self generated public private key pairs *are* securely
unique. Think about it.
Assume that there are a billion billion keys in use.
Assume these keys are the smallest useful keys, 160 bit
EC keys. Calculate the probability of deliberately or
maliciously duplicating an existing key.
Suppose want to maliciously duplicate someone else's
key, anyone else's key, any one of those billion billion
existing keys. Assume you have a supercomputer that can
generate a billion billion keys a second and compare
each of those keys against the billion billion existing
keys. How long is going to take you?
More information about the general