[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Summary Trust x Delegation
"E. Gerck" <egerck@laser.cps.softex.br> writes:
>That is the point. If "authorization" and "delegation" use *your*
>signature in order to satisfy someone's heart content then this is not
>"authorization" or "delegation".
My understanding of the current protocol is that unless an explicit statement
to the contrary is encoded in the certificate, SPKI authorizations are non-
transferable.
My further understanding is that if an authorization is specifically
designated as "may-delegate", it is specifically that authority, and no other,
which may be delegated.
If my understanding is incorrect, please indicate where, specifically, in
the proposal I may correct my understanding.
If my understanding is correct, please describe in specific detail how
the SPKI delegation mechanism is any less secure or robust than the
real-world authorization and delegation mechanisms upon which human
civilization is currently built.
-Michael Robinson
Follow-Ups: