[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI and key distribution

On Tue, 7 May 1996, Raph Levien wrote:

>    Uh, building such a database is _exactly_ what I meant by the "ket
> distribution problem." Making such a database secure is not easy. Making
> it scale, and coordinating the administration of such a database, are
> also very important.
>    As long as you have such a database, why not just use e-mail
> addresses as the index, instead of creating yet another name space? You
> must admit that this is by far most convenient for users.

I think you're missing my point somewhat.  The reason to explicitly state
that the index strings have no meaning other than as indices to Principal: 
objects is to avoid the need for the administrators of the database to
verify that meaning.  Because the index allocation is first come first
serve and there is no meaning attached to indices that need to be
verified, the administration can be almost completely automated after the
system is set up. 

I don't think scaling is too much of a problem either.  Assuming each
person on the planet has 4 principals, each 250 bytes, that's only 5
terabytes total. The database servers can be distributed and do not need
to be secured, because each entry can be individually signed at some
central facility.

Wei Dai