[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SPKI getting something done would be nice....
-----BEGIN PGP SIGNED MESSAGE-----
At 11:20 PM 6/16/97 +0100, Angelos D. Keromytis wrote:
>In message <33A5E1AA.68C52798@verisign.com>, Peter Williams writes:
>>Why is it undesirable to use a "MIME/PGP-signed bodypart"
>>as an SPKI cert? (which is what I suggested)?
>
>I suppose you are aware that the 'S' in SPKI stands for "Simple". I
>can't imagine an SPKI library having a MIME encoder/decoder...
Angelos and Peter,
I'm not sure I see a conflict. Of course, I'm coming into this
discussion very late. I haven't had time to catch up on my SPKI mail, much
less work on the draft tonight! I also need to prepare slides for Wednesday
(I think).
It is clear to me that almost anything certificate-like (including signed
messages, certificates, ACL entries) reduces to a 5-tuple for normal SPKI
reduction (unless it is complex enough to require a program like PolicyMaker).
It seems also clear that we can have volunteer programmers out there who
write modules to convert from various formats to 5-tuples -- e.g., X.509v3,
PGP/MIME, PGP signed keys, DNSSEC signed keys, SET certificates, .... Once
something has been converted to a 5-tuple, it can not only be reduced as
part of a 5-tuple chain (loop), but the resulting
<Self,X,D,A,V>
can be signed by Self, yielding an SPKI/SDSI certificate for X to use for
however long V lasts, to save time and energy.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: 5.0
Charset: noconv
iQCVAwUBM6Y1DVQXJENzYr45AQGs+AP/TwCQJ2papuWp7G5laBE0NtZydZ0I6CzC
CdHqHjP6VdyJdi5ha68a2je+olb3mMSiDhAuxsKXLYkcVN+aNqCNdjBxmFo3wvUN
6LIqhuz+Dz0KOCmfrkfXlO2nyJjhXXu6Q8taeDAZ/jSobCO30TJL1gniWxkaoGZk
ztXqFql79HM=
=0IRu
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups:
References: