[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Java programs, etc.
-----BEGIN PGP SIGNED MESSAGE-----
At 11:58 AM 4/16/97 -0700, Peter Williams wrote:
>Im trying hard to get at the essential protection philosophy embodied in
>SPKI/SPKI. Whereas for X.509 concepts, it all about managed
>names and trust based on brand recognition, SPKI/SDSI is
>responding to a distributed notion - in which security
>is the a function of the collective, and the very size and dynamics
>of the domain manages the risks. The capability chains are really a navigation
>tool across the risk factors, and thus fit ideally for addressing
>the security problems faced by routing protocols, and n*n party
>communication services.
Hi Peter,
I'll be interested in seeing what you come up with. However, I don't think
size of the domain manages risks, unless you mean small size. Each trust
decision (like each naming decision in pure SDSI) is a local decision, based
on local factors. It is therefore free from some nasty assumptions (e.g.,
that the name used in a global X.509 namespace refers to the same entity you
think it does).
- Carl
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBM1aGZ1QXJENzYr45AQFQxwP8CPRlcb7meWCFcCEyd2WM/pqpPVyrtYkf
Q+1Vsz14/4NtGl/1JOqSMxToTvgVTmiwHwEbbzTLwDokzvzeelVufwoDAQJPHJWu
aFwyRcmBoDGGz8qELOK4TlPgNTMDpc0eNHVnUyhVyhMCXNpz2eGdlKjUCVenjGlV
AaaoVC3swEo=
=8dX+
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: