[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on pre-Munich spki draft


At 06:57 PM 8/16/97 -0400, Michael Richardson wrote:
>   (cert
>    (issuer (hash md5 |Ut9m14byPzdbCNZWdDjNQg==|))
>    (subject
>	(hash md5 |vN6ySKWE9K6T6cP9U5wntA==|))
>    (tag (name fred)))

This form of SDSI name definition turns out to be harder to process and not 
as rich as defining the name in the issuer.  I plan to write this up much 
better, shortly.

>  I don't think that (do ...) is well enough documented. I suspect
>that this is an advanced feature and belongs in a seperate draft. One
>point: the basic version needs to be basic. Machines with the oompf to
>support the advanced stuff probably can support PolicyMaker as well. 

(do ...) isn't an advanced feature.  It was specifically added with limited 
verifiers (like smartcards) in mind.  That is, it's the way the prover tells 
the verifier what to do and in what order.  If you're going to process 
K-of-N, you need it for sure -- but it's also useful just for indicating 
that the object just presented (e.g., a key) needs to be hashed by a 
particular algorithm and kept around because it's referred to later by that 

In other words, I agree with you that I didn't document (do ...) well enough.

 - Carl

>  Carl, did you mention that your code to create the examples was
>posted somewhere?

I said I plan to post it.  It isn't as complete as I want it but the next 
time I boot my LINUX drive, I'll bundle up what I have so far and just put 
it on my ftp site.  There's so much on my plate right now that polishing and 
fleshing out the example code isn't high enough priority.  Besides, if I 
post it, maybe someone on the list will improve and re-post it :)

 - Carl

Version: PGP for Personal Privacy 5.0
Charset: noconv


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |