[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Trust and Transitivity

> This discussion reminds me of the Trusted Computer Base Evaluation Criteria model, from the governments of the USA, Canada and England. It has object typing and with a trust model. I am not exactly sure it matchs the exact issues of what you are discussing, since I follow this list off and on.  It is based on" ideals and lattice theory".  In a very simplified statement, one can trust some one equal or higher, but not someone lower in the hierachy.  Example if A is rated as medium-sensitive and B  is rated as very-sentitive. Then A could trust B, But B could not Trust A.
> Now this is transitive in one direction A trust B and B trusts C implies that A trusts C,  but not C trusts A.
> Hope I did not miss the mark on this dialogue. If so forgive....

It is true that in SPKI's model the transfer of trust is directional,
but it is also linear, rather than hierachical.  It's not clear that
you really refer to a hierarchy, although I suppose that you could
think of it as a hierarchy.  The point is that position means nothing,
as in higher or lower, only the explicit directional linkage of
authority from one key to the next, originating at the verifier's and
ending at the supplicant's.  It's what the S stands for - simple.

As to what this dialogue is about, well, I don't think I want to touch
that.  In large part there has been a confusion of what certificates
can and can't do, and of what they are and aren't expected to do, and
I'm tired.


Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162