
Re: comments on client auth



At 10:47 PM 6/19/96 -0700, Bill Frantz wrote:
>We must be careful to build systems where principals will not want to share
>keys.  I think this goal will be hard to meet, considering how often people
>share passwords in the real world.  One implication of this goal is that it
>must be easy to pass selected parts of one's privileges to other actors. 
>(It is already easy to pass your secret key, and passing it shares all your
>privileges.)

The hard part I envision here is the generation of authority statements
(what I used to call Meaning) for certs.  I generated a list for CyberCash
the other day (just for current protocols plus SET -- none for internal FTP
access, etc.).

Here's what I came up with there:

"For now, I believe we need the following specific authorities (where
<brand> is MC or VISA or whatever other card brand joins the SET protocol):

CC-WALLET: <walletID>
SET-ACCT: MC,5321012345678901,199610
SET-ACCT: VISA,4758123456789012,199701
SET-BLIND: <brand>, XXXXXXXXXX ,YYYYYYYYY 
SET-MER: <brand>,<merchantID>
SET-CCA: <brand>
SET-MCA: <brand>
SET-PGWY: <brand>
SET-PCA: <brand>
SET-GCA: <brand>
SET-BCA: <brand>
SET-ROOT:

as well as explicit authorities for securing internal command and control
operations."

Notice that I left the most important part unspecified.

I would like it if each of you would take a crack at generating a list of
authority lines for things like machine access or whatever else is important
to you.  We also need to be able to specify if the authority holder has the
authority also to delegate it -- and if so, how far (maybe a permitted hop
count?).

If this were files, we could imitate UNIX (rwx) permissions and give each
one an optional hop count besides with the rule that any delegation has to
use a strictly lesser hop count.  Let's expand that set to (rwad) (read,
write, add, delete):

E.g.: for file system access

FS: (R4W1A2D1) /home/user/cme/spki/

Etc.

Could you each come up with a list of such Auth: lines that your apps need?

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                              http://www.cybercash.com/    |
|207 Grindall Street           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103       T:(410) 727-4288     F:(410)727-4293        |
+--------------------------------------------------------------------------+
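
Added example, not part of the original message: a Python sketch of the hop-count rule proposed above for `FS:` authority lines, accepting a delegation only when every delegated permission carries a strictly lesser hop count than the delegator holds. Assumptions not in the message: a missing or zero hop count means the permission can be used but not delegated, a delegated path must lie at or below the delegator's path, and all function names are hypothetical.

```python
import re
from posixpath import normpath

AUTH_RE = re.compile(r"^FS:\s*\(([A-Za-z0-9]*)\)\s*(\S+)\s*$")
PERM_RE = re.compile(r"([RWAD])(\d*)")  # permission letter + optional hop count

def parse_auth(line):
    """Parse 'FS: (R4W1A2D1) /path/' into ({'R': 4, ...}, '/path')."""
    m = AUTH_RE.match(line)
    if not m:
        raise ValueError(f"not an FS authority line: {line!r}")
    body, perms, pos = m.group(1).upper(), {}, 0
    for pm in PERM_RE.finditer(body):
        # Reject gaps (unknown letters) and repeated permissions.
        if pm.start() != pos or pm.group(1) in perms:
            raise ValueError(f"bad permission string: {body!r}")
        perms[pm.group(1)] = int(pm.group(2) or 0)  # assumption: no digit == 0
        pos = pm.end()
    if pos != len(body):
        raise ValueError(f"bad permission string: {body!r}")
    # normpath collapses '..' so a delegate cannot escape via path tricks.
    return perms, normpath(m.group(2))

def may_delegate(parent_line, child_line):
    """Return (ok, reason) for one delegation step, parent -> child."""
    p_perms, p_path = parse_auth(parent_line)
    c_perms, c_path = parse_auth(child_line)
    # Assumption: the delegated path must be the same directory or beneath it.
    if c_path != p_path and not c_path.startswith(p_path.rstrip("/") + "/"):
        return False, "path outside delegator's subtree"
    for perm, hops in c_perms.items():
        if perm not in p_perms:
            return False, f"{perm}: delegator does not hold it"
        if hops >= p_perms[perm]:  # the rule: strictly lesser hop count
            return False, f"{perm}: hop count {hops} is not below {p_perms[perm]}"
    return True, "ok"

def first_bad_link(chain):
    """Return (index, reason) of the first invalid delegation, or None."""
    for i in range(1, len(chain)):
        ok, reason = may_delegate(chain[i - 1], chain[i])
        if not ok:
            return i, reason
    return None

if __name__ == "__main__":
    root = "FS: (R4W1A2D1) /home/user/cme/spki/"  # line from the message
    # Constructed delegation chain; the last link repeats R2 and must fail.
    chain = [root, "FS: (R3W0) /home/user/cme/spki/drafts/",
             "FS: (R2) /home/user/cme/spki/drafts/", "FS: (R2) /home/user/cme/spki/drafts/"]
    print(first_bad_link(chain))
```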