[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Out on a loop

> From: Carl Ellison <cme@cybercash.com>
> Ed,
> SPKI made its radical departure from X.509 by saying that we have *two* 
> issues here -- key security and authorization -- and the authorization was 
> getting inadequate attention.  We care about both, but of those two 
> authorization is the more important.
>    [...] 
> So, to help you break loose from your X.509 mindset, let me suggest a 
> thought experiment.  X.509 has had us all try to pretend that what we care 
> about is CPS and key protection and such things as the most important thing 
> and that second comes some practice of establishing identity in a way courts 
> would accept and left for future discussion is the issue of passing 
> authorization.  Instead, how about you spend a month or two imagining the 
> SPKI world in which the most important thing (and, if push comes to shove, 
> the only important thing) is authority to speak on matters contained in the 
> authorization field while *no* CPS is ever written or read, key management 
> is an individual affair (as with PGP today) and any names are strictly for 
> the issuer's own convenience.

That sounds like a perfect characterization of the SPKI effort, and a
useful effort it is.  However, it has nothing to do with building a Public
Key Infrastructure.

If you would just call it the "Public Key Authorization Protocol", and
stop referring to it as "a radical departure from X.509" or otherwise
comparing it to PKI mechanisms, a lot of confusion would be avoided.
You bring this upon yourself by using the words "Infrastructure" and
"Certificate" instead of more descriptive terms like "Authorization"
and "Ticket".

Comparing SPKI to X.509 is like comparing TLS or S/MIME to X.509 -
they are "radical departures" because they don't even address the same
problem space.  The work being pursued here has the potential to address
the problems that MISSI's prbac and lrbac (partition and local rule based
access control, respectively -- don't ask! :-) and NIST's Role-based
access control efforts are trying to address, and there is a great
opportunity for cross-fertilization.  There is the possibility of
carrying SPKI-defined objects within X.509 certs just as RBAC and PRBAC
are carried within X.509 today.  But call them something else, please.

Dave K.