[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPKI signing keys only

To: "William Allen Simpson" <wsimpson@greendragon.com>
Subject: Re: SPKI signing keys only
From: Carl Ellison <cme@cybercash.com>
Date: Tue, 24 Jun 1997 14:34:19 -0400
Cc: spki@c2.net
In-Reply-To: <6061.wsimpson@greendragon.com>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

At 09:31 PM 6/20/97 GMT, William Allen Simpson wrote:
>I don't really like the term "signing keys", though.  Signing is an
>activity.
>
>I usually explain it as:
>
>    Identification key: a long-term key that is associated with a
>    particular role, person, machine, or process (usually a
>    public/private key pair).
>
>    Communication key: a short-term key used for a message (usually an
>    "ephemeral" symmetric secret key).
>
>    Signing is the _act_ of creating a Signature using Identification
>    keys.  I rarely mention that this often involves public key
>    encryption to create the signature.  Folks just don't understand
>    that this signature encryption is a fundamentally different usage
>    than message stream encryption.
>
>    A Certificate is a list of Signatures.
>
>    Authentication is the _act_ of verifying the certificate.
>
>    Authorization is the _act_ of verifying that a particular
>    certificate has "permission" to act based on a "policy".
>

I think you're taking a different projection of the problem space from the one 
I'm used to.  To me, a key is a signature key or an encryption key, getting its 
name from the process with which it is used.

I agree that you can also list the interpretation that key use leads to 
(identification, authentication, authorization, ...) to name the key.  My 
preference is to stick with my old habits but the suggestion is interesting.

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: 5.0
Charset: noconv

iQCVAwUBM7ATKlQXJENzYr45AQFbBgP+KyGT0Ro8+Aqbb+cJPdXa1Ry4OY9IwFnj
Qd0CwOk/tpwTz2zFixxmRRXBfoyrlP50VqFk1L/MaRaXT9mL+Rez2yZbnqvrApfM
fm9dVBePdqW5UtXsHD03E9Fi0O12nigjMaISvYovGuVGRHExSebhMVN4ASR6yX7n
3rbUQkfofxo=
=fPb4
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

References:

SPKI signing keys only

From: "William Allen Simpson" <wsimpson@greendragon.com>

Prev by Date: Re: SPKI signing keys only
Next by Date: Re: SPKI signing keys only
Prev by thread: SPKI signing keys only
Next by thread: Re: SPKI signing keys only
Index(es):
- Main
- Thread