[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PolicyMaker (was RE: Certs // RW vs CS)

rivest@theory.lcs.mit.edu (Ron Rivest) wrote:
>I might have a public key K1 that I use to make statements as a
>security officer of corporation X.  There might be a type I
>certificate that describes me and links me to K1.  Similarly there
>might be a public key KX that is the public key for corporation X, and
>a similar type I certificate linking X to KX.  The fact that I am the
>security officer of X is modelled by a type II certificate by KX that
>asserts that K1 can make certain kinds of statements with the same
>authority that KX would have to make those statements.  Such a statement
>might be of the form, "KY is the PK of (i.e. speaks for) an employee of 
>corporation X."  This is a type I certificate.  Another type of statement
>by KX might be of the form, "KY is authorized to make statements of the
>form, `KY, speaking for KX, says `I order $___ (<$500) worth of ___.' ' "
>This is a type II certificate.

Something in this vein that may be of interest to this group is the
'PolicyMaker' system from Matt Blaze (mab@research.att.com) et al 
at AT&T.  Matt posted about it on cypherpunks some time back, and a 
paper on the ideas is forthcoming. Aside from being a very interesting 
system in its own right, it has the interesting property of being 
able to accomodate PGP and X.509 certs (presumably other kinds too), 
which might help bring some peace to that aspect of the debate.  I also 
believe that code will be made available (always handy :-).

Frank O'Dwyer.