[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trust and Transitivity

> Do we agree that authorization, represented for mechanistic
> processing through certificate chains, is transitive and
> that cert chains (a<<b>> b<<c>> ...) are a legitimate means of expressing
> the delegation controls transfering some authority from one 3d party
> to another?

Yes, I believe that this is not only valid, but illuminative.  In other
words (yet again to flog this long-dead horse), "authorization" is the
simple, unthinking, unfeeling, mathematically deterministic
implementation of the "trust" bestowed by complicated, cogitative,
compassionate, confusable humans for reasons of their own.  It
therefore suffers from the same weaknesses related to judgements on the
appropriateness of trust, but seeks, by sound design and implementation,
to eliminate weaknesses related to errors of execution, and to avoid
introducing new weaknesses related to increased exposures in cyberspace.

> Surely a positive response belongs at the heart of SPKI principals'
> key and authorization distribution management, as it does to X.509's
> (restricted)
> notion of authority delegation to CAs to uphold agreed practices, and an
> X.509 user
> cert's delegation to operational protocols of use of the keying material
> for some
> purpose.

I wouldn't dare to disagree with you there, Peter...


Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162