[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The notion of an ``individual'' (e.g. person, corporation, process, or machine) is not required
-----BEGIN PGP SIGNED MESSAGE-----
Hi Peter.
At 01:37 PM 4/16/97 -0700, Peter Williams wrote:
>"Principals are public keys. Our system is ``key-centric'': SDSI principals
>are public digital signature verification keys. These public keys are
>central; everything is based around them. The notion of an ``individual''
>(e.g. person, corporation, process, or machine) is not required. Of course,
>such individuals will actually control the associated private keys, so that
>the public/private keys can be viewed as ``proxies'' for those individuals.
> "
>
>As should be evident from my mail sequence, Im trying to prepare
>a SPKI/SDSI pilot to help propel adoption of the ideas, and (of course)
>one element is to fixup the legal stuff so at least people know where
>they stand in relation to an issuer, and the act of issuance.
>
>Whilst academically, individuals as a system notion may not exist,
>legally they will always exist. Sorry if this offends you; its just
>true. As those who control private keys, they will be responsible, and
>the SDSI notion which is in concordance with SPKI does assert that
>essentially there is a proxy relationship between the [(re)liable]
>party and key, and a "speaking act" occurs.
I don't see a problem with this discussion.
I believe both original SPKI and SDSI were clear on the notion that in the
3D world there is a keyholder tied through private key security measures to
a key in cyberspace. Therefore, for every key which speaks in cyberspace
there is a keyholder in 3-D space.
(1)
KH(a) ----------- KH(b) 3-D world
| |
| |
| |
(2)| |(3)
| |
| |
| |
a ------------------- b Cyberspace
(4)
My take on the X.509 world is that the diagram above was assumed to have
links (1), (2) and (3) only. That is, all privs (1) were communicated in
the 3-D world and needed somehow to be mapped into cyberspace via (2) and (3).
Links (2) and (3) pointed down.
SPKI and SDSI consider a world in which relationships are formed in
cyberspace with no 3-D world contact. It was always possible to communicate
3-D relationships via the path (3)->(4)->(2) -- but if the only contact you
have is in cyberspace, you're forced to issue (4). In the pure cyberspace
model, links (2) and (3) point up (through certificates whose subject is
(keyholder K) ).
Similarly, I can imagine a legal document defining the meaning of a
cyberspace delegation of rights (4) which refers to the keyholder of
a given key as being the person to whom rights are being transferred.
Does this address your concerns?
- Carl
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBM1aJVlQXJENzYr45AQEC5QP/TRHv/2Ir7iRTM1c7rPdr9/5l5g2NEnWy
F+Hek7izQUjtePOR15Ob3HR4xU2CQTTJjp/oLHdz8MHQ/Eu5P7BOSc5ytu4t3RfV
rMNvv6qzFBetkK07x+765afosHQzXlcaYxxylSaE8PuYj8TBfglHx7SdS15ydZk6
gYfREWqb6wQ=
=P5Y6
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: