Re: Pairwise merging of certificates

[Carl Ellison <cme@cybercash.com>]

-----BEGIN PGP SIGNED MESSAGE-----

Ron,

	after our phone conversation, I now agree with you that the rule needs to 
be that 

C1:	(issuer (x))
	(subject (ref foo))

C2:	(issuer (name bla))
	(subject (y))

combine if foo is a prefix of bla or bla is a prefix of foo...allowing 
pairwise combinations.  Such general things would probably not happen in 
practice, where it's almost certainly easiest to evaluate cert loops from 
one end, but it's nice to have the definition so that reductions in the 
middle are theoretically possible.

In this case, it makes little sense to use two different object types "name" 
and "ref".

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBM7PZXVQXJENzYr45AQGmqgP/bt8BSzborOYbytd13rwtcFGl4eLIFmlK
8QtsZDhIcJ1GwJ1JgnEDn6SxEPNNVp9nVZ8nxMGhaWI5w/MI8oYJp1KxRX+fNbIW
0ZVLj3hcVCGzhe6tdaE6+m/Di0sYkjgPtJeVk/dovLY7HwvDll4vKX3JQKwYkzTk
RDaiA79bPuU=
=zXHe
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

---

References:

• Pairwise merging of certificates
• From: rivest@theory.lcs.mit.edu (Ron Rivest)

---

• Prev by Date: Re: SPKI signing keys only (errata)
• Next by Date: gathering up the lessons learned and moving on to implementation
• Prev by thread: Re: Pairwise merging of certificates
• Next by thread: Re: SPKI signing keys only (errata)
• Index(es):
  • Main
  • Thread