[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation

To: egerck@laser.cps.softex.br
Subject: Re: Summary Trust x Delegation
From: Michael Robinson <robinson@public.bta.net.cn>
Date: Thu, 29 May 1997 10:30:00 +0800
Cc: Stefan.Hoeben@esat.kuleuven.ac.be, spki@c2.net
Sender: owner-spki@c2.net

"E. Gerck" <egerck@laser.cps.softex.br> writes:
>That is the point. If "authorization" and "delegation" use *your*
>signature in order to satisfy someone's heart content then this is not
>"authorization" or "delegation".

My understanding of the current protocol is that unless an explicit statement
to the contrary is encoded in the certificate, SPKI authorizations are non-
transferable.

My further understanding is that if an authorization is specifically 
designated as "may-delegate", it is specifically that authority, and no other,
which may be delegated.

If my understanding is incorrect, please indicate where, specifically, in 
the proposal I may correct my understanding.

If my understanding is correct, please describe in specific detail how 
the SPKI delegation mechanism is any less secure or robust than the 
real-world authorization and delegation mechanisms upon which human
civilization is currently built.

	-Michael Robinson

Follow-Ups:

Re: Summary Trust x Delegation

From: Bill Frantz <frantz@netcom.com>

Prev by Date: Re: Summary Trust x Delegation
Next by Date: Call for Participation: 2nd Intl. Workshop on Enterprise Security
Prev by thread: Re: Summary Trust x Delegation
Next by thread: Re: Summary Trust x Delegation
Index(es):
- Main
- Thread