[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Other *-forms for dates and times, and love

To: bryce@digicash.com
Subject: Re: Other *-forms for dates and times, and love
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Date: Tue, 8 Apr 1997 12:00:38 -0500 (CDT)
Cc: spki@c2.net
Sender: owner-spki@c2.net


> Hm.  I'm thinking that someone _might_ actually invent a
> tag-intersection rule that can't be codified in a Java program.
> 
> 
> Something like "I hereby delegate my telnet capability to all those
> people mentioned in the original certificate whom I love.".  :-)
> 
> 
> Or "I delegate the authority to execute all of the programs 
> mentioned in the original certificate as long as they terminate.".
> :-)
> 

Or any language at all, except where you had enumerated or otherwise
expressed the set of "whom I love" or "they terminate".  This would likely
be in other certificates, and you have the PolicyMaker option to merge them.
This is, of course, a very different thing from chains from issuer to subject,
but a combination of privileges to yield another implied privilege, subject
to a stated policy (in another cert, most likely).  This is among the things
I found so wonderful about PolicyMaker.

brian


Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162

Prev by Date: Re: Other *-forms for dates and times, and love
Next by Date: Java programs, etc.
Prev by thread: Re: Other *-forms for dates and times, and love
Next by thread: Re: Other *-forms for dates and times, and love
Index(es):
- Main
- Thread