[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI and key distribution

Raph Levien writes:
> Wei Dai wrote:
> > Let me propose a simple solution to this problem: a secure public database
> > that allows lookup using arbitrary octect strings.  Each entry in the
> > database contains a Principal: object, and is indexed by a string that
> > serves as a short hand for the principal.

Yeah, and we could call it X-500.com :)  [Just kidding...]

>    Uh, building such a database is _exactly_ what I meant by the "ket
> distribution problem." Making such a database secure is not easy. Making
> it scale, and coordinating the administration of such a database, are
> also very important.

Making such a database scale is not the problem, simply because such a
database _can't_ scale to global proportions.  What is possible though,
is to use such mechanisms as jumping-off points for private entities
to provide the top-level indexing for you.  Instead of expecting one
organization to handle everything and not planning distribute the
authority (the problems with the NIC concept for domain name registration
not scaling up being a good example...) we should assume that more
"distinguished root" will be created over time.

Thus Bob can tell Alice that he is "Identity!! bob.jones" and Alice
can put "FooBar!! Alice.the.Netgrrl" on her business cards.

The SDSI docs imply that there will be very few of these distingshed roots,
I think that it is a mistake to make such limits initially.  Instead of
imposing limits on distinguished roots, what is needed is a well-defined
process for adding new roots and updating the distinguished root list.
As long as distinguished roots cross-certify each other (and I can think
of no reason why they wouldn't) then the user only needs to be able to
get to one, or possibly a small subset, of the distinguished roots to
chain back to the root they want to use to resolve a particular reference.
I disagree with the idea that distinguished roots should be considered
"global", rather I think they should be considered well-known entities.
In other words, you may not be holding a key for any particular distinguished
root, but you should be able to follow a graph back to the root in question
with few hops given any other known and trusted root.