[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SDSI syntax

The ability to nest objects inside each other is tremendously powerful
and useful.  That is one reason why in SDSI[1] Butler Lampson and I
decided in favor of fully parenthesized S-expressions, rather than having
data structures that are flat (as I understand the whois++ data structures

( Principal:
   ( Public-Key:
      ( Algorithm: RSA-with-SHA-1 ) 
      ( N: =Hi7KugV013Tv978d00vCpQ== )
      ( E: #11 ) )
   ( Global-Name: ( ref: VeriSign!! WebMaster Bob-Jones ) )
   ( Principal-At: "http://abc.webmaster.com/cgi-bin/sdsi-server/" )
   ( Server-At: "http://xyz.webmaster.com/cgi-bin/sdsi-server/" )

Then a Principal can be nested inside a Signature, and that can be
at the end of a Cert, which might be part of a Credentials list, which
itself might be part of a Signed object, which might be part of a
Get protocol message.  

[1] http://theory.lcs.mit.edu/~rivest/sdsi.ps (or sdsi.tex)