[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
> A user specifies a policy such as "this browser should only
> display web pages that have been have rating "sexual content
> less than 4" according to the rating system defined by
> rating system organization RSO. Any rating organization
> authorized by RSO can provide these ratings.
> How well does this fit into the SPKI/SDSI model?
I think this fits well, as Matt Blaze et al showed at the DIMACS trust
management workshop, with PolicyMaker supported by SPKI certs. The
authorization is one that needs to execute some kind of more or less
arbitrary code, to determine compliance of the submitted document with
the policy in the cert.
Brian Thomas, CISSP - Distributed Systems Architect firstname.lastname@example.org
Southwestern Bell email@example.com
One Bell Center, Room 34G3 Tel: 314 235 3141
St. Louis, MO 63101 Fax: 314 235 0162