[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation

To: Carl Ellison <cme@cybercash.com>
Subject: Re: Summary Trust x Delegation
From: "E. Gerck" <egerck@laser.cps.softex.br>
Date: Fri, 20 Jun 1997 17:44:24 -0300 (EST)
Cc: Stef Hoeben <Stefan.Hoeben@esat.kuleuven.ac.be>, spki@c2.net
In-Reply-To: <3.0.2.32.19970620134647.036bc530@cybercash.com>

On Fri, 20 Jun 1997, Carl Ellison wrote:

-> -----BEGIN PGP SIGNED MESSAGE-----
-> 
-> At 01:02 PM 5/28/97 +0200, Stef Hoeben wrote:
-> >But the problem remains that the PKI's at the moment are not usable
-> >(special purpuse stuff like SET, ... excluded) BECAUSE you can't
-> >trust the certficates. The above looks to me like a playing with
-> >words which goes around this problem. See below for an example.
-> 
-> AHA!
-> 
-> Thank you, Stef!  I believe I now know the magic words for this debate.
-> 
-> The crypto world, and especially the X.509 world, have been worried forever 
-> about wheher you can trust the certificates.
-> 
-> We, in SPKI, assume you can trust the certificates (riding on the shoulders of 
-> the X.509 work) and now focus on the question of what you can trust about the 
-> certified key.
-> 
-> These are two different issues entirely.
-> 

Exactly, but with three comments.

First: You can't trust a X.509 certificate because it is based on
extrinsic references that are outside the dialogue of the parties, which
references are always relative to assumptions that are unknown to the
parties. A X.509 certificate may come from a 100% trusted CA and be 100%
wrong. One could say that the shoulders of X.509 work have already
collapsed on its own weight ;-). So, a X.509 certificate is not able to
provide a secure binding between an entity and a key -- which is what it
was supposed to do -- even though it provides a secure binding between the
certificate and the key. Two entirely different points.

Second: Notwithstanding the collapse of X.509, a SPKI certificate aims at
assigning "what" and not "who", as you say. The point here is how to
assure that the "what" is exactly followed. 

Third: So I think SPKI should not say that X.509 certs are the base for
SPKI for three reasons: (i) they are fairly independent, (ii) X.509 certs
are not "certificates" as a "certificate of deposit" is and may be 100%
wrong, (iii) SPKI can be based on other trust models, which may even
include X.509-like certs but without extrinsic references.

Yours,

Ed Gerck

______________________________________________________________________
Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
http://novaware.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533

Follow-Ups:

Re: Summary Trust x Delegation

From: Carl Ellison <cme@cybercash.com>

References:

Re: Summary Trust x Delegation

From: Carl Ellison <cme@cybercash.com>

Prev by Date: Re: Mary is Mary
Next by Date: SPKI signing keys only
Prev by thread: Re: Summary Trust x Delegation
Next by thread: Re: Summary Trust x Delegation
Index(es):
- Main
- Thread