[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation

On Tue, 27 May 1997, Peter Williams wrote:

-> At 03:58 PM 5/24/97 GMT, William Allen Simpson wrote:
-> >> From: "E. Gerck" <egerck@laser.cps.softex.br>
-> >> We have the following *main* groups, propositions and comments:
-> >>
-> >> A. "Trust is not transitive" is a fact in all cases even with perfect
-> >> B. "Trust is not transitive" only if you take forgery and unlawful acts
-> >> C. "Trust is transitive". There is no issue about it and delegation is a
-> >
-> >I'm sorry, but that's not what I got out of the debate at all.
-> >
-> >I saw folks indicate that trust is not an objective protocol issue, it
-> >is a subjective human motivation.
-> >
-> >The protocol issues are "authentication", "authorization", and
-> >"delegation".
-> >

Indeed, trust is as you say -- an ideal, subjective, and has no place in a

However, it is evidently true that the model (mechanical) cannot exceed
the boundaries of the ideal (abstract). 

What I thus indicated in my summary above (hashed, of course) was that the
model -- i.e., the protocol -- was at odds with the ideal, according to
groups A and B.

Does this mean we have to change the ideal? No! The model has gone astray.

That's why I had to grasp back to the ideal -- not because I want it in a
string of bytes but because it is the primary cause, l'essence.

Thus, the protocol-variables "authorization" and "delegation" must:

1. reflect ideal-variables (not necessarily in an orthonormal way)
2. not exceed the ideal limits
3. represent to a reasonable approximation the ideal
This is not the case according to those that think that "trust is not
transitive", because the ideal clearly sets a limit that the protocol

The protocol variable "delegation" may be a non-linear combination of
trust, belief, faith, wishful thinking, good guess, history, futurology,
risk, cost, law, accepted practice, etc. -- but it MUST never try to
enforce a world standard that even tries to make trust behave

It is also not the issue to redefine trust and wish the problem away.
Because the problem is not with the ideal -- it is with the model. So
changes in the ideal will not make it better.

Also, it does not help to put the problem aside, because it is a deck of

So, the future is now and the "authorization" & "delegation" issues are so
central to the protocol that they should not be allowed to move in such an
hyperbolic orbit as compared to the center of attraction represented by
the ideals, the Platonic reservoir if you want.


Ed Gerck

Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533