[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trust and Transitivity

Lets agree to use the term "authorization" in the sense of
your message, and "trust" for the meta-physical sense between 3d
objects which may 'modify' a parties 'acceptance' of authority, delegated
by another, or otherwise. How this acceptance is instrumented is
the function of the various authorization policies (one of the
100 X.509 policies, the SPKI policy, or yet new ones such
as the new MCs, and whatever gets invented next year)

Do we agree that authorization, represented for mechanistic
processing through certificate chains, is transitive and
that cert chains (a<<b>> b<<c>> ...) are a legitimate means of expressing
the delegation controls transfering some authority from one 3d party
to another?

Surely a positive response belongs at the heart of SPKI principals'
key and authorization distribution management, as it does to X.509's
notion of authority delegation to CAs to uphold agreed practices, and an
X.509 user
cert's delegation to operational protocols of use of the keying material
for some

At 10:45 AM 5/23/97 -0700, Tony Bartoletti wrote:
>Thanks to all who have engaged this thread, and especially to Bill Frantz and
>Brian Thomas for bringing clarity to what I intended by my original
>I used the term "trust" in the mechanical sense, meaning that I have recorded
>a decision to transfer some range of authority to another entity via a signed
>key (certificate).  At best, PKI serves to provide a mathematically
>means of executing, recording and tracing these mechanical decisions to grant
>(or revoke) authority.  In this limited sense, the "trust" represented by a
>certification is transitive, and transitive closure is what we seek in the
>validation of a certificate chain, or certificates have no value whatsoever.
>We would like to establish and maintain trust in the metaphysical sense.  The
>degree to which we cannot is influenced my many factors, the great
majority of
>which involve human nature and cannot be addressed in other ways.  But
some of
>the reasons trust fails ARE attributable to weak mechanics, and PKI serves to
>eliminate (ok, mitigate) many of these mechanical concerns.