[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary Trust x Delegation


all good points, Ed.  Thank you.

At 05:44 PM 6/20/97 -0300, E. Gerck wrote:
>On Fri, 20 Jun 1997, Carl Ellison wrote:
>-> At 01:02 PM 5/28/97 +0200, Stef Hoeben wrote:
>-> >But the problem remains that the PKI's at the moment are not usable
>-> >(special purpuse stuff like SET, ... excluded) BECAUSE you can't
>-> >trust the certficates. The above looks to me like a playing with
>-> >words which goes around this problem. See below for an example.
>-> AHA!
>-> Thank you, Stef!  I believe I now know the magic words for this debate.
>-> The crypto world, and especially the X.509 world, have been worried forever 

>-> about wheher you can trust the certificates.
>-> We, in SPKI, assume you can trust the certificates (riding on the shoulders 
>-> the X.509 work) and now focus on the question of what you can trust about 
>-> certified key.
>-> These are two different issues entirely.
>Exactly, but with three comments.
>First: You can't trust a X.509 certificate because it is based on
>extrinsic references that are outside the dialogue of the parties, which
>references are always relative to assumptions that are unknown to the
>parties. A X.509 certificate may come from a 100% trusted CA and be 100%
>wrong. One could say that the shoulders of X.509 work have already
>collapsed on its own weight ;-). So, a X.509 certificate is not able to
>provide a secure binding between an entity and a key -- which is what it
>was supposed to do -- even though it provides a secure binding between the
>certificate and the key. Two entirely different points.
>Second: Notwithstanding the collapse of X.509, a SPKI certificate aims at
>assigning "what" and not "who", as you say. The point here is how to
>assure that the "what" is exactly followed. 
>Third: So I think SPKI should not say that X.509 certs are the base for
>SPKI for three reasons: (i) they are fairly independent, (ii) X.509 certs
>are not "certificates" as a "certificate of deposit" is and may be 100%
>wrong, (iii) SPKI can be based on other trust models, which may even
>include X.509-like certs but without extrinsic references.
>Ed Gerck
>Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
>P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533  
Version: 5.0
Charset: noconv


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |