[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: more comments on "shrinkwrap"
-----BEGIN PGP SIGNED MESSAGE-----
At 09:32 AM 8/28/97 +0300, Markku-Juhani Saarinen wrote:
>> The <sequence> is a set of signatures (and other cruft) on a single
>> certificate.
>
>Nope. It may contain any number of certificates, preferably forming a
>chain.
>
> <sequence>:: "(" "sequence" <seq-ent>* ")" ;
> <seq-ent>:: <cert> | <pub-key> | <signature> | <op> ;
You're right. The (sequence...) is the prover's way to tell the verifier
what to do to verify that the prover has access. Therefore, it holds all
the public keys and certs and hash commands necessary to step a (presumed
dumb) verifier through that sequence of certs. If we were to do k-of-n,
there would be even more elaborate (do ..) options, including stack operations.
It was k-of-n that inspired the (sequence...) but now that I've defined it,
I see that it's useful for normal straight-line verification (to keep the
verifier's code as simple as possible).
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNAZWu1QXJENzYr45AQFq8AQAo2L2THbvzZz71q/KZDLsoID7wi/AAG+y
ws9YVypyWi3yoM1H/A6+Mgt6FOJgcvAlEQfTHi32wod9fc60Eq/gPdl5v0VhovdH
YiJEIy8jGfquyj6wCqupNerBIVBlM7MyyB9OuaHe6foR2hMoJetzIA4A1FkGgftF
AqNVYib+5DE=
=I/9N
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: