[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Multi-Tag-Cert Tag Creation and Validation

To: azb@llnl.gov (Tony Bartoletti)
Subject: Re: Multi-Tag-Cert Tag Creation and Validation
From: Carl Ellison <cme@cybercash.com>
Date: Thu, 17 Apr 1997 15:21:09 -0400
Cc: spki@c2.net
In-Reply-To: <199704142044.NAA28652@cheetah.llnl.gov>
Sender: owner-spki@c2.net

At 01:51 PM 4/14/97 -0700, Tony Bartoletti wrote:
>Peter Williams wrote:
>>Are SPKI tags limited to a single parent in their construction form?
>>Surely, the single-tag cert could need to reference multiple cert-id's
>>which grant it authority or other privilege.
>
>Certainly a single SPKI certificate may need to reference multiple
>authorizing certificates, but I cannot see how the validation process
>would be made to understand that a particular tag must be intersected
>with a peer-set of parent tags up the chain (mesh).

Each certificate has one issuer.  If you have multiple credentials which 
drive a PolicyMaker program, each would have only one issuer (possibly 
different ones).  I see no way to define a certificate which itself
has multiple issuers in any simple way.



+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

References:

Re: Multi-Tag-Cert Tag Creation and Validation

From: azb@llnl.gov (Tony Bartoletti)

Prev by Date: Re: Canonical form for signing S-expressions
Next by Date: Re: Canonical form for signing S-expressions
Prev by thread: Re: Multi-Tag-Cert Tag Creation and Validation
Next by thread: Re: Multi-Tag-Cert Tag Creation and Validation
Index(es):
- Main
- Thread