[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Blind signatures; archives?
>Would it be possible to have a valid SPKI cert which consists of just a
><key> and a <signature>? In other words, the <auth> field would be empty.
>I can see all kinds of problems with how you represent an empty <auth>
>field so blinding would still work, and I agree with you about the time
This is what I see as a fundemental flaw in all the proposals so far. It is my
belief that you need to separate Identity and Authority into different
types of certificates. This allows you to include a key with all
transactions. This key can then be used to establish Identity (if needed)
and/or Authority (if needed). This binding should be done at the time the
transaction is executed.
Jeff Parrett (firstname.lastname@example.org)
The stars are the limit!