[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thoughts on the draft

To: Carl Ellison <cme@cybercash.com>
Subject: Re: Thoughts on the draft
From: "Angelos D. Keromytis" <angelos@gradin.cis.upenn.edu>
Date: Tue, 03 Sep 1996 15:40:56 EDT
Cc: Kent Crispin <kent@bywater.songbird.com>, angelos@gradine.cis.upenn.edu (Angelos D. Keromytis), spki@c2.org
In-Reply-To: Your message of "Tue, 03 Sep 1996 14:10:35 EDT." <3.0b11.32.19960903140442.0053fbc8@cybercash.com>
Posted-Date: Tue, 3 Sep 1996 15:40:57 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----


In message <3.0b11.32.19960903140442.0053fbc8@cybercash.com>, Carl Ellison writ
es:
>In general, if you have ((Certificate-data)(Sig 1)(Sig 2)(Sig 3)...(Sig n)),
>does the interpretation of the cert depend on the other signatures at all?
>If so, I believe we're in PolicyMaker domain.  If not, then it looks like a
>space-saving abbreviation.
>
I would tend to think signatures are independent; even if we mandate
that you have to have K out of N, this is a policy/implementation
issue, since each signature will individually verify.
Otherwise we'd have to use partial signatures, where the algorithm
actually requires K out of N valid signatures to verify the whole
signature.
I guess this looks a lot like the MAY-DELEGATE situation, where it's
not enforcable by technology (maths/algorithms).
- -Angelos


-----BEGIN PGP SIGNATURE-----
Version: 2.6
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBMiyJw70pBjh2h1kFAQEefQQAiIQVnkBhnHVbjKJfKETrNRDwQeY/gObJ
C4RDVWY7OWvr6Waa6ygNowGpbyMO2rRi63EHlWYAgBjjZBy3Yhgo2dtouZ/ZQanb
sVTG2qfMqhkIrN8HvIxCGr0G39CmgZnZcctiMvu6x4tJK+3MPZzoCxeic8lzRQQL
+/xjPxoEo0k=
=HAQu
-----END PGP SIGNATURE-----

References:

Re: Thoughts on the draft

From: Carl Ellison <cme@cybercash.com>

Prev by Date: Re: Thoughts on the draft
Next by Date: Re: Thoughts on the draft
Prev by thread: Re: Thoughts on the draft
Next by thread: Re: Thoughts on the draft
Index(es):
- Main
- Thread