Re: [TML] ID (was :transponders)

Show/hide message thread

ID (was :transponders) shadow@xxxxxx (05 Apr 2019 06:34 UTC)

Re: [TML] ID (was :transponders) Bill Rutherford (08 Apr 2019 04:18 UTC)

Re: [TML] ID (was :transponders) Christopher Sean Hilton (08 Apr 2019 16:30 UTC)

Re: [TML] ID (was :transponders) Richard Aiken (13 Apr 2019 05:38 UTC)

Re: [TML] ID (was :transponders) Rupert Boleyn (13 Apr 2019 05:48 UTC)

Re: [TML] ID (was :transponders) Christopher Sean Hilton 08 Apr 2019 16:30 UTC

On Thu, Apr 04, 2019 at 11:34:09PM -0700, shadow at shadowgard.com (via tml list) wrote:
> An often overlooked fact is that IDs *never* prove who you are.
>
> What they do is "prove" (to the extent that you can trust their
> authenticity) that the issuing authority *believes* you are the
> person (or ship) that the ID says you are (or that they have their
> own reasons for wanting people to believe you are who the ID says you
> are).
>
> This is a very important difference that very few people ever
> realize.
>

Yep. People often assume that IDs prove who you are when what they
really do is confer a level of trust to the bearer. I check the
identification that you've presented to me and based on that, I figure
out how much I can trust you.

The amount of trust is always going to be situational. Doubly so in
deep space when you pick up a transponder signal that says that a
distant ship is a 400 dTon X-Boat tender capable of 1G Manuever and
outfitted with 4 beam lasers.

> With the transponder bit, the ship likely got issued some sort of
> registry code when it was built. Think VIN on cars. This might even
> be embedded in the frame or hull in several places. But if folks go
> looking for *that* you're pretty much hosed already.
>
> The ship's *name* would be tied ti the ID# somehow. Renaming a ship
> may be a bit complicated.
>
> "Salvaging" a hull to get a vaild ID# might be a not-uncommon
> practice.
>
> Dealing with extensive damage that got one or more of the ID#s could
> be a problem as well. It's not like they'd want it to be *easy* to
> replace or replicate the ID#s.
>
> Not sure how to tie this to the transponders though.
>

I assume that the transponder would be attached to the hull in some
way that's as tamper proof as possible. This could not be completely
tamper proof because physical access and time overrides all security
measures. Thus, the overall security of the transponder system would be based
partially on the tamper proof nature of the hardware and partially on
the expiry period of the certificates. Ideally the amount of time it
takes to extract a transponder from a hull would be longer than the
expirary period of a certificate. I assume that this would be
impossible to guarentee. If it is impossible to guarentee then
certificates a good engineering compromise would be to make
certificates short term and cheap.

The thing that makes transponders trustworthy as an identification
mechanism is:

   - The fact that most of the units in the field are valid;

   - It's reasonably easy to report units when you find them to be
     invalid.

In this second case I'm assuming that it's hard for a pirate to sack a
ship before it gets a message off which flags the pirate's transponder
attacker. If that's true, once the message goes out, the message would
travel at the speed of the X-Boat network.

--
Chris

     __o          "All I was trying to do was get home from work."
   _`\<,_           -Rosa Parks
___(*)/_(*)_____________________________________________________________
Christopher Sean Hilton                    [chris/at/vindaloo/dot/com]