[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: comments on pre-Munich spki draft
-----BEGIN PGP SIGNED MESSAGE-----
At 06:57 PM 8/16/97 -0400, Michael Richardson wrote:
> (cert
> (issuer (hash md5 |Ut9m14byPzdbCNZWdDjNQg==|))
> (subject
> (hash md5 |vN6ySKWE9K6T6cP9U5wntA==|))
> (tag (name fred)))
This form of SDSI name definition turns out to be harder to process and not
as rich as defining the name in the issuer. I plan to write this up much
better, shortly.
> I don't think that (do ...) is well enough documented. I suspect
>that this is an advanced feature and belongs in a seperate draft. One
>point: the basic version needs to be basic. Machines with the oompf to
>support the advanced stuff probably can support PolicyMaker as well.
(do ...) isn't an advanced feature. It was specifically added with limited
verifiers (like smartcards) in mind. That is, it's the way the prover tells
the verifier what to do and in what order. If you're going to process
K-of-N, you need it for sure -- but it's also useful just for indicating
that the object just presented (e.g., a key) needs to be hashed by a
particular algorithm and kept around because it's referred to later by that
hash.
In other words, I agree with you that I didn't document (do ...) well enough.
- Carl
> Carl, did you mention that your code to create the examples was
>posted somewhere?
I said I plan to post it. It isn't as complete as I want it but the next
time I boot my LINUX drive, I'll bundle up what I have so far and just put
it on my ftp site. There's so much on my plate right now that polishing and
fleshing out the example code isn't high enough priority. Besides, if I
post it, maybe someone on the list will improve and re-post it :)
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNAL8wFQXJENzYr45AQGarQQAhUnbR6oG5RueFfSnpNuBmGeFRFYiMTMz
6HvPvXRxEBi0cIXFwW/2XlW5hRy7zI7y4EEXLNvx1vud23Gn6gRHa2KSJd3QuzG8
ITPyvAhjDktmA0X24HBLfpHQmCzr8T1xpVaJQ+FfR6rovmO9hG06v+nvuAAztO3r
GfowtcujYxU=
=FMqB
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: