You publish something. How can you assert that it is something about which you have expertise? Traditionally one gives credentials of an educational or professional degree. In the modern age, we can do one better. One cryptographically signs the published document, and the key that one signs with is itself signed by the degree granting institution asserting that the subject does have a certain degree in a certain field. This is sort of an electronic diploma.
One can have an anonymous key signed, which makes it possible to anonymously publish something while still asserting a degree. This is traditionally not possible. There is a PKI problem of a compromised account, or a bad alumnus/alumna who creates and divulges many anonymous signed keys which cheapens the degree for all alumni. The ability to search for all documents signed by a particular key helps (to independently investigate whether a particular key may be trusted). Another is to be able to query the degree granting institution about the dilution factor of a key: How many non-revoked anonymous keys does the owner of this key have outstanding?
Another way might be the anonymous signature is generated "live" by the degree institution from a hash of the document and non-anonymous authorization of the subject.
Both have the problem that anonymity might be broken by compromising the institution.
No comments :
Post a Comment