[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation

On Fri, 20 Jun 1997, Carl Ellison wrote:

-> At 01:02 PM 5/28/97 +0200, Stef Hoeben wrote:
-> >But the problem remains that the PKI's at the moment are not usable
-> >(special purpuse stuff like SET, ... excluded) BECAUSE you can't
-> >trust the certficates. The above looks to me like a playing with
-> >words which goes around this problem. See below for an example.
-> AHA!
-> Thank you, Stef!  I believe I now know the magic words for this debate.
-> The crypto world, and especially the X.509 world, have been worried forever 
-> about wheher you can trust the certificates.
-> We, in SPKI, assume you can trust the certificates (riding on the shoulders of 
-> the X.509 work) and now focus on the question of what you can trust about the 
-> certified key.
-> These are two different issues entirely.

Exactly, but with three comments.

First: You can't trust a X.509 certificate because it is based on
extrinsic references that are outside the dialogue of the parties, which
references are always relative to assumptions that are unknown to the
parties. A X.509 certificate may come from a 100% trusted CA and be 100%
wrong. One could say that the shoulders of X.509 work have already
collapsed on its own weight ;-). So, a X.509 certificate is not able to
provide a secure binding between an entity and a key -- which is what it
was supposed to do -- even though it provides a secure binding between the
certificate and the key. Two entirely different points.

Second: Notwithstanding the collapse of X.509, a SPKI certificate aims at
assigning "what" and not "who", as you say. The point here is how to
assure that the "what" is exactly followed. 

Third: So I think SPKI should not say that X.509 certs are the base for
SPKI for three reasons: (i) they are fairly independent, (ii) X.509 certs
are not "certificates" as a "certificate of deposit" is and may be 100%
wrong, (iii) SPKI can be based on other trust models, which may even
include X.509-like certs but without extrinsic references.


Ed Gerck

Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533  

Follow-Ups: References: