[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: K-of-N subjects
At 11:46 AM -0700 8/26/97, Carl Ellison wrote:
>At 12:47 PM 8/26/97 -0400, Michael C. Richardson wrote:
>> I think k-of-n is of sufficient interest for CA type applications
>>that I think that justifies it. It ought to be a SHOULD, not a MUST
>>for implementations. I see CRC's (with pre-shared symmetric signing
>>keys) being the tool to let devices with very small CPUs to act as
>>verifiers. The relationship to Kerberos is strong here. Someone told
>>me that NT 5.0 will have Kerberos...
>
>This might be a real solution to the problem. Let's see what the
>list thinks. Letting K-of-N be a "should" (something we don't bother
>distinguishing yet) and planning for light and heavy weight tuple
>reducing engines allows us to have our cake and eat it too if/when
>we pair the small, dumb card processors with a trusted device on
>the net. It certainly makes smartcard life easier...unless there
>is a problem finding that trusted, networked device which has a
>symmetric key in its memory -- for generating the CRC for the card.
I also concur -- I like this construction for the future, but don't want to
have to implement it for some time. I also see some arguement for this not
even being a SHOULD or MAY, but instead be an appendix to the first draft
as a statement of future direction in design of SPKI.
------------------------------------------------------------------------
.. ** NOTE NEW OFFICE ADDRESS & PHONE NUMBER ** ..
.. Christopher Allen Consensus Development Corporation ..
.. President & CTO 2930 Shattuck Ave. #206 ..
.. <ChristopherA@consensus.com> Berkeley, CA 94705-1883 ..
.. <http://www.consensus.com> o510/649-3300 f510/649-3301 ..
References: