[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: current list of certificate uses

At 02:01 AM 2/29/96 -0500, Carl Ellison wrote:

>For the purpose of this list, a certificate
>is not a binding between a public key and an individual, as is commonly
>assumed.  That is an identity-based certificate.
>A certificate here is some signed object having at least the following
>fields: a Certifying-key, a Signed-key, a Meaning and probably a Validity
>period.  It is a digitally signed testimony to whom it may concern, stating
>some fact or granting some permission.  The list below is a brainstorming
>list, being accumulated on the SPKI mailing list, of uses of such signed
>statements -- such certificates.

1. For a nice formalization of certificates see Burrows, Abadi & Needham, "A
Logic of Authentication", ACM TOCS, February, 1990.  In their context, a
signed message is used to transfer "belief" in the sense that if one receives
a message "S" and is signed by X, that can be used to support a 
belief that "X believes S". If your policy lets you accept X as an authority for
"S-like" statements then you, too, might be willing to believe S.

That is, assuming:

2. You also believe that X still believes S. That is, that "X believes S" is
a "fresh" statement.

I don't think certificates are meaningful without a notion of freshness,
whether it be a validity period or some revocation scheme.


BAN logic is quite useful for blackboard certificate discussions. In the
formalism, a certificate S signed with key K is read, "K says S".  If
you believe that "X controls S" and "K says S" and "'K says S' is fresh" 
and "X has K as public key" then you, too, might have grounds to believe

-- Joe