[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java programs, etc.

Some mysterious entity uttered:
>   - augmented ?

And another replied:
> Never.

Hm.  I can issue a cert authorizing Alice to read and write in my 
"/tmp/foo" directory, and then later I can issue another one 
authorizing Alice to read and write my "/tmp/bar" directory.
Alice is going to present these certificates at my firewall,
which is going to take them, inspect them, generate similar
certificates signed by itself, and then forward her WebNFS packets
along with the new certificates to my WebNFS server.

Now, the firewall _knows_ that anyone who is allowed to read
and write "/tmp/foo" and "/tmp/bar" is also allowed to read and
write "/tmp" itself.  This is just my own personal policy.

I have given the firewall instructions to compile certificates like
the ones Alice has into a single certificate, issued by the 
firewall, stating that Alice can read and write in the "/tmp" 

Thus, the firewall is going to, if not "augment", then at least
"combine" Alice's certs.

My own opinion is that no general scheme of cert-combination will 
be generally useful enough to justify its SPKI-learning-curve cost,
and that SPKI v1 should ship without any such general scheme.  
Ultimately the rules that my firewall uses to combine Alice's certs
will depend solely on my instructions, and my instructions may or 
may not encode nicely into "*-format" tags or any other particular

I think that "*-format" and all other such schemes should be 
published separately as appendices or auxiliary material to SPKI.


Zooko Journeyman

Disclaimers follow:  I am not a cypherpunk.  NOT speaking for 
DigiCash or any other person or organization.  No PGP sig follows.

Follow-Ups: References: