[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: time and date

To: "Camillo Sdrs" <Camillo.Sars@DataFellows.com>
Subject: Re: time and date
From: Carl Ellison <cme@cybercash.com>
Date: Tue, 02 Dec 1997 16:02:19 -0500
Cc: Carl Ellison <cme@cybercash.com>, spki@c2.net
In-Reply-To: <347BE1D7.C47E4302@DataFellows.com>
References: <3.0.3.32.19971125104904.00a57bc0@cybercash.com>

-----BEGIN PGP SIGNED MESSAGE-----

At 10:46 AM 11/26/97 +0200, Camillo Sdrs wrote:
>It has been argued that sub-second precision is virtually the same as
>on-line checks.  I claim it is not.  Consider a (fictional) real-time
>process control system that uses SPKI certs to queue control jobs.  The
>precision for some control actions may be in milliseconds.  Applying such
>an action at the wrong point in time can be catastrophic.

These control functions might need microsecond or better precision.  Yes?

As one person wrote to me, off the list, it will be a long time before he 
has hardware capable of doing an RSA verification in a millisecond -- so are 
we talking about the time when he starts the certificate verification 
process or when he ends it?

I personally think that the process control example is far fetched.  If I 
were programming a process control application and I were forced to use 
times, I would prepare a file of control commands, each timed, and then I 
might sign the whole file with a properly empowered key.  I just can't see 
turning each file entry into a separate SPKI certificate.

I don't doubt that we could come up with some carefully orchestrated, timed 
scenario -- down to almost any time resolution -- in which keys are 
empowered or not -- but if a certificate fails to validate, the choreography 
is destroyed.  That suggests to me that it's not a real case.  If a 
non-valid certificate destroys the whole system, then these certificates 
aren't independent statements.

My inclination is to stay with the current format unless/until I hear
a persuasive argument.  Of course, we can always add the optional ".###"
to the end of a time and comparison still works.  I don't even mind changing 
the BNF for that.  I just don't believe we've come up with any case for 
needing such precision.  I'm also not convinced that it's possible to sync 
clocks.  I know the time protocol claims to do that, but it assumes that the 
one-way internet propagation time is 1/2 the round trip time, since it can 
measure only the round trip time.  To gross enough precision, that's 
probably true.  At fine precisions, I have no way of knowing.

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3

iQCVAwUBNIR3WRN3Wx8QwqUtAQH6yAP+ISg1Qkw+z92NCJpSlnJCW54IjsSRMBAR
0uj/K01BfK7aOGvWx4+cbzHXcwIhg7LSrbLawj67m0t/KDsTuOdGhtfORArXTgl8
vynHP2Bu/89R/+7rYUXQZ18hUegWAM4Ir8+Ac3UEibpJOHXNBg5MJbsedvEawgAT
zoBnIh3oDIY=
=iHth
-----END PGP SIGNATURE-----

+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

Follow-Ups:

Re: time and date

From: Vinnie Moscaritolo <vinnie@pgp.com>

Re: time and date

From: Bill Stewart <stewarts@ix.netcom.com>

References:

Re: time and date

From: Carl Ellison <cme@cybercash.com>

Re: time and date

From: "Camillo Sdrs" <Camillo.Sars@DataFellows.com>

Prev by Date: Re: three digital signature models ... for x9.59
Next by Date: Re: three digital signature models ... for x9.59
Prev by thread: Re: time and date
Next by thread: Re: time and date
Index(es):
- Main
- Thread