[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject signing redux (was: Re: Mary is Mary)


On Sat, 21 Jun 1997, Carl Ellison wrote:
> At 05:27 PM 6/20/97 -0300, E. Gerck wrote:
> > 
> >So, to sum up:
> >
> >1. Pls include a MUST co-sign clause.
> I would like to hear list discussion on this one point.

My instinctive feeling on this issue is that co-siging should _not_ be
mandated by SPKI.

For one thing, it's an extra layer of complexity that some, even many,
people might not want to deal with -- every cert would have to be verified
with two signatures and two key revocation checks.

For another, it bugs me from a freedom-of-speech point of view.  Libel
laws aside, if I want to label someone (or their key) as a purple people
eater I shouldn't need their permission.  Whether other people believe my
assertion is another story, and they should also be free to make that
decision without the subject's expressed consent.

What it comes down to is having the subject agree to whatever auth he's
been granted, and I get the nagging feeling that there will be situations
where that's not going to work.

What about assigning an attribution to a group?  Who should counter-sign
the cert then?

Furthermore, subject-signed certs don't make much sense in the SPKI
context of issuer-as-verifier.  If I issue a cert saying someone's a
weenie, when I verify that cert I'll believe it regardless of what other
signatures are on it.  Besides, would the weenie ever even present the
cert back to me if he didn't want me to think he was a weenie? 

Perhaps that's what it comes down to.  If the subject is presenting the
cert anyway, isn't that an implied acceptance of its tag? 


 Marc Branchaud                                       \/
 Chief PKI Architect                                  /\CERT SOFTWARE INC.
 marcnarc@xcert.com        PKI References page:              www.xcert.com
 604-640-6210x227      www.xcert.com/~marcnarc/PKI/

Version: 2.6.3ia
Charset: noconv


Follow-Ups: References: