[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation

"E. Gerck" <egerck@laser.cps.softex.br> writes:
>That is the point. If "authorization" and "delegation" use *your*
>signature in order to satisfy someone's heart content then this is not
>"authorization" or "delegation".

My understanding of the current protocol is that unless an explicit statement
to the contrary is encoded in the certificate, SPKI authorizations are non-

My further understanding is that if an authorization is specifically 
designated as "may-delegate", it is specifically that authority, and no other,
which may be delegated.

If my understanding is incorrect, please indicate where, specifically, in 
the proposal I may correct my understanding.

If my understanding is correct, please describe in specific detail how 
the SPKI delegation mechanism is any less secure or robust than the 
real-world authorization and delegation mechanisms upon which human
civilization is currently built.

	-Michael Robinson