[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The word "certificate"

At  3:37 PM 4/5/96 -0500, Carl Ellison wrote:
>>Subj: Re: My comments on the X/Open PKI requirements document
>At 11:46 AM 4/5/96 -0800, Bill Frantz wrote:
>>(The interesting item here is
>>that you don't absolutely need certificates for distributed capabilities.)
>I have the habit of using the word "certificate" to mean any signed
>statement while I'm sure some others use the word to refer only to a signed
>binding between a name and a key.
>Which way were you using the word in your last sentence?

I was using it in your form.  You don't need signatures, knowledge of a
shared secret is enough to define a capability.  Anyone knowing the secret
has the capability.  Signing may have certain operational advantages, but
the signing can be by the platform where the object lives, and not some
global authority.

Regards - Bill

Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA