Re: SPKI Charter
X.509 certificates are a distraction. They were originally designed
for one thing: to allow users to authenticate themselves to their
Directory so that they could update their Directory Entry. Attempts
to use X.509 for other applications are bound to result in a poor fit;
PEM's deployment difficulties highlighted this.
Rather than forcing every application to look a little bit like a
Directory, we should design a certificate format which is right for
what applications on the Internet need. This is especially important
because the application for which X.509 was originally intended has
not been deployed on an internet-wide scale.
We need to sit down and agree on:
- what a "principal"
- what a certificate is (at a philosophical level)
- what (in general) applications, users, and administrators
need from the public key infrastructure on the Internet
.. and then we can start arguing about encoding and
A principal is an entity which has exclusive legitimate
control over one or more private keys, and is known to others
by its public key and secondarily by one or more attributes.
Users are principals, hosts are (may be) principals,
"certification authorities" are principals, servers/daemons
are (may be) principals.
A certificate is a document, signed by one principal, which
binds a set of one or more attributes to a public key. It has
a bounded lifetime; particular certificates can be long-lived
An application is a system which uses the public key
infrastructure to help it protect the integrity of its data.
Possible applications include: mail user agents, web browsers
and web servers, ip stacks, distributed file systems, etc.,
An attribute is a typed value which has some meaning to one or
more applications; it can be a user name, a DNS name, a mail
address, an IP address, or some other application- or
application-family specific value (e.g., a UNIX-oriented
distributed file system might want a user id and group set).
Certificate validation is the process of finding and verifying
a sequence or mesh of certificates and principals which form a
credible chain of trust between an implicitly trusted
principal and a certificate of uncertain provenance in order
to allow an application to trust one or more of the attributes
in the certificate.
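The definitions in the message above (a principal known by its public key, attributes as typed values, a certificate binding attributes to a key for a bounded lifetime, and validation as a chain from an implicitly trusted principal to a certificate of uncertain provenance) as a worked example in Go. This is added here and is not code from the original post or from any SPKI implementation; the type and function names (Principal, Certificate, Issue, ValidateChain), the attribute names, the sample dates and the use of Ed25519 are my assumptions. It covers the linear chain case only, not the mesh the post also mentions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"sort"
	"strings"
	"time"
)

// Principal: an entity with exclusive control over a private key, known to
// others by its public key (hypothetical type, not from the post).
type Principal struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewPrincipal() Principal {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Principal{Pub: pub, priv: priv}
}

// Certificate: signed by an issuer, binds attributes to a subject public key
// for a bounded lifetime. Attributes are typed by their key (user, mail, uid ...).
type Certificate struct {
	Issuer     ed25519.PublicKey
	Subject    ed25519.PublicKey
	Attributes map[string]string
	NotBefore  time.Time
	NotAfter   time.Time
	Signature  []byte
}

// tbs is the canonical "to be signed" encoding: every field except the
// signature, with attributes in sorted order so the bytes are deterministic.
func (c Certificate) tbs() []byte {
	keys := make([]string, 0, len(c.Attributes))
	for k := range c.Attributes {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	var b strings.Builder
	fmt.Fprintf(&b, "issuer=%x\nsubject=%x\n", c.Issuer, c.Subject)
	for _, k := range keys {
		fmt.Fprintf(&b, "attr:%s=%s\n", k, c.Attributes[k])
	}
	fmt.Fprintf(&b, "notBefore=%d\nnotAfter=%d\n", c.NotBefore.Unix(), c.NotAfter.Unix())
	return []byte(b.String())
}

// Issue creates a certificate signed by p binding attrs to subject for lifetime.
func (p Principal) Issue(subject ed25519.PublicKey, attrs map[string]string, from time.Time, lifetime time.Duration) Certificate {
	c := Certificate{Issuer: p.Pub, Subject: subject, Attributes: attrs, NotBefore: from, NotAfter: from.Add(lifetime)}
	c.Signature = ed25519.Sign(p.priv, c.tbs())
	return c
}

// ValidateChain walks the chain from the implicitly trusted principal: chain[0]
// must be issued by trusted, each later certificate by the previous subject, every
// signature must verify and every validity period must contain now. On success the
// application may trust the leaf's attributes, which are returned.
func ValidateChain(trusted ed25519.PublicKey, chain []Certificate, now time.Time) (map[string]string, error) {
	if len(chain) == 0 {
		return nil, errors.New("empty chain")
	}
	expected := trusted
	for i, c := range chain {
		if !bytes.Equal(c.Issuer, expected) {
			return nil, fmt.Errorf("cert %d: issuer is not the expected principal", i)
		}
		if !ed25519.Verify(c.Issuer, c.tbs(), c.Signature) {
			return nil, fmt.Errorf("cert %d: signature does not verify", i)
		}
		if now.Before(c.NotBefore) || now.After(c.NotAfter) {
			return nil, fmt.Errorf("cert %d: outside validity period", i)
		}
		expected = c.Subject
	}
	return chain[len(chain)-1].Attributes, nil
}

// Scenario builds a constructed two-link chain (root -> CA -> user) and returns the
// outcome for a valid chain, a chain whose leaf attributes were altered after
// signing, and a chain checked after the leaf's lifetime ended.
func Scenario() (map[string]string, error, error, error) {
	root, ca, user := NewPrincipal(), NewPrincipal(), NewPrincipal()
	now := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC) // constructed sample time
	caCert := root.Issue(ca.Pub, map[string]string{"role": "ca", "domain": "example.org"}, now, 365*24*time.Hour)
	userCert := ca.Issue(user.Pub, map[string]string{"user": "alice", "mail": "alice@example.org", "uid": "1001"}, now, 30*24*time.Hour)
	chain := []Certificate{caCert, userCert}
	attrs, okErr := ValidateChain(root.Pub, chain, now.Add(time.Hour))

	tampered := userCert // same signature, different attributes: must be rejected
	tampered.Attributes = map[string]string{"user": "root", "uid": "0"}
	_, tamperedErr := ValidateChain(root.Pub, []Certificate{caCert, tampered}, now.Add(time.Hour))

	_, expiredErr := ValidateChain(root.Pub, chain, now.Add(60*24*time.Hour)) // leaf lived 30 days
	return attrs, okErr, tamperedErr, expiredErr
}

func main() {
	attrs, okErr, tamperedErr, expiredErr := Scenario()
	fmt.Println("valid chain, leaf attributes:", attrs, "err:", okErr)
	fmt.Println("altered leaf:", tamperedErr)
	fmt.Println("expired leaf:", expiredErr)
}
```

The validator trusts nothing but the root key it was handed: an issuer that is not the expected principal, a signature that does not cover the presented attributes, or a timestamp outside the bounded lifetime each ends the walk, and the application only sees the attributes once the whole chain has been checked.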