[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Any more comments on the whois++ SPKI proposalette?

Carl Ellison wrote:
> >6) The SPKI should be useable with at least one standards track directory
> >   protocol. 
> What do you mean by (6)?

Simon got caught! I think you caught him advocating Whois++ in a
sneaky way... :)

Seriously, though, that requirement might better be stated as a rider
to the "MUST be tranferrable by mail" requirement. It should says,
"... and MAY have some indexable components", so that other
applications (including mailservers, web crawlers, and directory
service systems) can _find_ the key, if the owner wants it to be

The must/may is important here. For some of the uses you have
mentioned, there's no need to bind a key directly to a person, and so
there'd not likely be much to index on in an anonymous key. I
wholeheartedly agree that anonymous keys will be useful. However,
for some _other_ uses, I'd like to be able to search repositories for
keys matching certain attributes.

I may be searching for the most recent version of a key for a
colleague (to refresh a key I hold that is expired, maybe). In that
case, I need to search on some relatively unique parts of the key I
have, in order to find a fresher one (I'd imagine searching on "name"
and "key-fingerprint" ought to be enough). It might even be
possible/useful to search on other attributes. I can see a potential
use for queries like, "Show me all keys in the repository that belong
to banks willing to handle a transaction of size $X".

If you choose the right technology for your repository, it can be
distributed, etc, making all of these searches scale to the global
scale, if necessary. And, of course, _I'll_ tell you that's
Whois++. :) It can be anything, really, including future services like
the e-mail-based PGP keyservers in use today. Whatever system you use
will be useless unless there are parts of the key that are searchable.

    Jeff Allen <jeff@bunyip.com>   |   For information about Bunyip
Bunyip Information Systems, Inc.   |   send e-mail to <info@bunyip.com>

Follow-Ups: References: