
Re: Delegate

> As I understand it, the meaning of this flag is "has permission to
> create a new certificate with the same or some subset of the
> privileges of this certificate".  So I would call it the "CreateCert" 
> permission bit.  If your certificate has it, you can create new 
> certificates; if it doesn't, you can't.  Implicit is the idea that 
> the new certificate could have less authority (including not having 
> the "CreateCert" flag set.)
> While I can imagine circumstances where a small integer value would 
> be meaningful, it's a real stretch.  I vote for the boolean...

This may be excessive, but now that the topic has been opened, I'll throw
in what must be considerably less than two cents' worth.

The meaning of the flag in practice is, "I, the undersigned issuer,
hereby authorize the acceptance of certificates conveying the specified
privilege when signed by the subject of this certificate."  The language
I'm hearing suggests that people may be forgetting this:  that these
are instructions to the validator, not prohibitions on subordinate issuers,
who can do what they want.  Bill's point about truth in advertising is
perfectly valid, but from that point of view I am entirely satisfied that
the system does not facilitate what it cannot prevent.

The granting of a privilege is one thing; the granting of the authority
to grant it is another, hence my suggestion that one may be a special
case.  I would like to be able to say that I trust A to grant a
privilege only to appropriate people without feeling compelled to say
that I trust him with the greater responsibility of granting authority
to grant it.  So I think that one is as different from zero as from infinity,
but two is not different enough from either as to warrant consideration.

Then, Don's point is perfectly good too:  better to have and not need, etc.

I'm sorry if I'm not really helping a decision, there were just those
things I wanted considered, though I've probably said them before.


Brian Thomas - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                             bthomas@primary.net
One Bell Center,  Room 34G3                   Tel: 314 235 3141
St. Louis, MO 63101                           Fax: 314 235 0162
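
An added example, not part of the original message or of any project's code: a minimal chain validator in Python that treats the delegate value as an instruction to the validator, covering the depths 0, 1 and unbounded discussed in the thread. The `Cert` model, its field names and the sample chains are constructed for illustration, and signature verification is assumed to have been done already.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

UNBOUNDED = None  # "infinity": no limit on further issuers

@dataclass(frozen=True)
class Cert:                      # constructed model, not a real certificate format
    issuer: str
    subject: str
    privilege: str
    delegate: Optional[int]      # 0, 1, ... or UNBOUNDED (hypothetical field)

def _cap(inherited: Optional[int], claimed: Optional[int]) -> Optional[int]:
    """Smaller of two depths, treating UNBOUNDED as infinity."""
    if inherited is UNBOUNDED:
        return claimed
    if claimed is UNBOUNDED:
        return inherited
    return min(inherited, claimed)

def validate(chain: List[Cert], root: str, privilege: str) -> Tuple[bool, str]:
    """Walk the chain from the trusted root; signatures are assumed verified."""
    expected, remaining = root, UNBOUNDED
    for cert in chain:
        if cert.issuer != expected:
            return False, f"{cert.issuer} is not the expected issuer {expected}"
        if cert.privilege != privilege:
            return False, f"{cert.subject} was not given {privilege}"
        if remaining is not UNBOUNDED and remaining == 0:
            return False, f"{cert.issuer} was not authorized to delegate"
        # A subordinate can claim any depth; the validator caps it at what was inherited.
        inherited = UNBOUNDED if remaining is UNBOUNDED else remaining - 1
        remaining = _cap(inherited, cert.delegate)
        expected = cert.subject
    return True, f"{expected} holds {privilege}"

# Constructed chains: root trusts A to grant "read", but not to grant the authority to grant it.
a = Cert("root", "A", "read", 1)
b = Cert("A", "B", "read", 1)    # A sets the flag anyway; nothing stops A doing so
c = Cert("B", "C", "read", 0)    # B issues a certificate on the strength of it

if __name__ == "__main__":
    print(validate([a, b], "root", "read"))
    print(validate([a, b, c], "root", "read"))
```

The boolean form of the flag is the special case where `delegate` is only ever 0 or `UNBOUNDED`.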