[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Summary Trust x Delegation
On Fri, 20 Jun 1997, Carl Ellison wrote:
-> -----BEGIN PGP SIGNED MESSAGE-----
-> At 01:02 PM 5/28/97 +0200, Stef Hoeben wrote:
-> >But the problem remains that the PKI's at the moment are not usable
-> >(special purpuse stuff like SET, ... excluded) BECAUSE you can't
-> >trust the certficates. The above looks to me like a playing with
-> >words which goes around this problem. See below for an example.
-> Thank you, Stef! I believe I now know the magic words for this debate.
-> The crypto world, and especially the X.509 world, have been worried forever
-> about wheher you can trust the certificates.
-> We, in SPKI, assume you can trust the certificates (riding on the shoulders of
-> the X.509 work) and now focus on the question of what you can trust about the
-> certified key.
-> These are two different issues entirely.
Exactly, but with three comments.
First: You can't trust a X.509 certificate because it is based on
extrinsic references that are outside the dialogue of the parties, which
references are always relative to assumptions that are unknown to the
parties. A X.509 certificate may come from a 100% trusted CA and be 100%
wrong. One could say that the shoulders of X.509 work have already
collapsed on its own weight ;-). So, a X.509 certificate is not able to
provide a secure binding between an entity and a key -- which is what it
was supposed to do -- even though it provides a secure binding between the
certificate and the key. Two entirely different points.
Second: Notwithstanding the collapse of X.509, a SPKI certificate aims at
assigning "what" and not "who", as you say. The point here is how to
assure that the "what" is exactly followed.
Third: So I think SPKI should not say that X.509 certs are the base for
SPKI for three reasons: (i) they are fairly independent, (ii) X.509 certs
are not "certificates" as a "certificate of deposit" is and may be 100%
wrong, (iii) SPKI can be based on other trust models, which may even
include X.509-like certs but without extrinsic references.
Dr.rer.nat. E. Gerck email@example.com
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil - Fax: +55-19-2429533