[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Blind signatures; archives?

At 07:53 AM 6/24/96 -0700, Hal wrote:
>The recent proposals for credentials, such as Carl Ellison's and SDSI,
>don't lend themselves to this.  The meaning of the signature is embedded
>in the signed material.  If that material is blinded, the signer can't
>know what claims are being made in the material that is signed.
>For blinding to work (as far as I can see) the signature key itself
>must determine the meaning of the signature. 

If I understand you, you want a signature on a blinded key to become a
certificate the issuer didn't know he made and you want all the content of
that certificate (not just "meaning", now called <auth> in the Internet
Draft I'm working on, but also validity dates, etc.) to be provided in the
signature key itself.

There is that possibility.  See the signatures on lissa@world.std.com in the
PGP key database.  However, I think we need to go back to the drawing board
and find a way for just the signature key to be blinded while the other
content isn't.  Meanwhile, I believe there is a huge need for non-blinded
certs and believe we can't wait for the results of that effort.

 - Carl

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                              http://www.cybercash.com/    |
|207 Grindall Street           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103       T:(410) 727-4288     F:(410)727-4293        |