[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Java programs, etc.
Some mysterious entity uttered:
>
> - augmented ?
And another replied:
>
> Never.
Hm. I can issue a cert authorizing Alice to read and write in my
"/tmp/foo" directory, and then later I can issue another one
authorizing Alice to read and write my "/tmp/bar" directory.
Alice is going to present these certificates at my firewall,
which is going to take them, inspect them, generate similar
certificates signed by itself, and then forward her WebNFS packets
along with the new certificates to my WebNFS server.
Now, the firewall _knows_ that anyone who is allowed to read
and write "/tmp/foo" and "/tmp/bar" is also allowed to read and
write "/tmp" itself. This is just my own personal policy.
I have given the firewall instructions to compile certificates like
the ones Alice has into a single certificate, issued by the
firewall, stating that Alice can read and write in the "/tmp"
directory.
Thus, the firewall is going to, if not "augment", then at least
"combine" Alice's certs.
My own opinion is that no general scheme of cert-combination will
be generally useful enough to justify its SPKI-learning-curve cost,
and that SPKI v1 should ship without any such general scheme.
Ultimately the rules that my firewall uses to combine Alice's certs
will depend solely on my instructions, and my instructions may or
may not encode nicely into "*-format" tags or any other particular
system.
I think that "*-format" and all other such schemes should be
published separately as appendices or auxiliary material to SPKI.
Regards,
Zooko Journeyman
Disclaimers follow: I am not a cypherpunk. NOT speaking for
DigiCash or any other person or organization. No PGP sig follows.
Follow-Ups:
References: