[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Blind signatures; archives?

At 11:40 AM 6/24/96 -0400, Carl Ellison wrote:
>At 07:53 AM 6/24/96 -0700, Hal wrote:
>>The recent proposals for credentials, such as Carl Ellison's and SDSI,
>>don't lend themselves to this.  The meaning of the signature is embedded
>>in the signed material.  If that material is blinded, the signer can't
>>know what claims are being made in the material that is signed.
>>For blinding to work (as far as I can see) the signature key itself
>>must determine the meaning of the signature. 
>If I understand you, you want a signature on a blinded key to become a
>certificate the issuer didn't know he made and you want all the content of
>that certificate (not just "meaning", now called <auth> in the Internet
>Draft I'm working on, but also validity dates, etc.) to be provided in the
>signature key itself.
>There is that possibility.  See the signatures on lissa@world.std.com in the
>PGP key database.  However, I think we need to go back to the drawing board
>and find a way for just the signature key to be blinded while the other
>content isn't.  Meanwhile, I believe there is a huge need for non-blinded
>certs and believe we can't wait for the results of that effort.

Would it be possible to have a valid SPKI cert which consists of just a
<key> and a <signature>?  In other words, the <auth> field would be empty. 
I can see all kinds of problems with how you represent an empty <auth>
field so blinding would still work, and I agree with you about the time

Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
frantz@netcom.com | worldwide conversation.    | Los Gatos, CA 95032, USA