Things that are Similar to YURLs
YURLs are similar to other widely used and trusted technologies. This document lists these similarities.
In a PGP introduction, you provide a future correspondent with your email address and your PGP fingerprint. Later, the correspondent will download your key from a keyserver and authenticate it by checking that the fingerprints match. An email is encrypted to the authenticated public key before being sent to the target email address. Since you are the only one holding the corresponding private key, this process ensures that you are the only one who can receive the plaintext of the email.
The PGP message sending procedure enforces the y-property. Authentication of the message target is done relying solely on information obtained in the PGP introduction. The PGP fingerprint is the sole source of authentication information. PGP encrypts the email, providing a private communication channel. The target site is located using the email address.
When first connecting to an SSH server, the user is presented with output like:
The authenticity of host 'mail.waterken.com (22.214.171.124)' can't be established. RSA key fingerprint is 8c:4c:3b:56:4a:26:58:48:af:e3:2c:6d:f9:5f:0b:77. Are you sure you want to continue connecting (yes/no)?
At this point, the user is supposed to verify that the RSA key fingerprint matches that of the installed
SSH server. This information should be provided by the sysadmin who created the user's account on the
server. If the fingerprints match, the RSA key is accepted and stored in the user's
The SSH connection procedure enforces the y-property.
Authentication of the server is done relying solely on information obtained in the introduction
performed by the sysadmin. The RSA key fingerprint is the sole source of authentication information.
Future connections leverage a cache, the
Copyright 2002 - 2003 Waterken Inc. All rights reserved.