[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Blind signatures; archives?

>Would it be possible to have a valid SPKI cert which consists of just a
><key> and a <signature>?  In other words, the <auth> field would be empty.
>I can see all kinds of problems with how you represent an empty <auth>
>field so blinding would still work, and I agree with you about the time

This is what I see as a fundemental flaw in all the proposals so far. It is my
belief that you need to separate Identity and Authority into different
types of certificates. This allows you to include a key with all
transactions. This key can then be used to establish Identity (if needed)
and/or Authority (if needed). This binding should be done at the time the
transaction is executed.

Jeff Parrett (starman@llnl.gov)
The stars are the limit!