[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

binary format proposal as internet-draft

I wrote a proposal for a binary format and alternate semantics for
SPKI in April.  That draft was only circulated within a small group,
but some of the ideas have now been merged into the latest official

The design is quite different from the current SPKI draft in many
ways.  There are some issues that I would now do differently; however,
I think the draft may still be interesting to the group.

The draft is now available as draft-ylonen-spki-binary-00.txt in the
internet-draft repository.  It is also available at

Key points:
  - binary format
  - extension mechanism by defining new formats instead of adding
    arbitrary new fields
  - keys always stored directly
  - many simplifications
  - k-of-n delegation (now merged into the mainstream draft)
  - domains of interpretation for auth, no *-forms
  - naming done differently (I'm not sure if I like my version now)


F-Secure Internet Security Solutions  http://www.datafellows.com/f-secure
Free Unix SSH                         http://www.cs.hut.fi/ssh