[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
definition of cert - trust in SPKI certs
Hello,
Hope these questions weren't answered before:
1 Many certs in SPKI will be signed by the subject. In X.509,
"to certify" means your key is signed by some one else; and
"to sign" means you sign something yourself.
So all signed messages are certficates in SPKI?
2 X.509 talk about a CA hierarchy, in SDSI, there are some
CA roots. Does SPKI also defines a way to put trust in the
certficates?
This looks to me the biggest problems of PKI's: how to let
people trust a cert...
X.509 alone may not be enough for this, they need the help
of laws and regulations about CA's.
MC (Meta Certificates, http://novaware.cps.softex.br/mcg.htm)
solves the problem by giving the users multiple authentication
channels and letting him be responsable for trusting a public
key.
How will SPKI do this? Other ways, the same ones, a mix, ...?
Thanks, greetings, Stef
Follow-Ups: