[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: more comments on "shrinkwrap"



-----BEGIN PGP SIGNED MESSAGE-----

At 09:32 AM 8/28/97 +0300, Markku-Juhani Saarinen wrote:
>> The <sequence> is a set of signatures (and other cruft) on a single
>> certificate.
>
>Nope. It may contain any number of certificates, preferably forming a
>chain.
>
>   <sequence>:: "(" "sequence" <seq-ent>* ")" ;
>   <seq-ent>:: <cert> | <pub-key> | <signature> | <op> ;

You're right.  The (sequence...) is the prover's way to tell the verifier 
what to do to verify that the prover has access.  Therefore, it holds all 
the public keys and certs and hash commands necessary to step a (presumed 
dumb) verifier through that sequence of certs.  If we were to do k-of-n, 
there would be even more elaborate (do ..) options, including stack operations.
It was k-of-n that inspired the (sequence...) but now that I've defined it,
I see that it's useful for normal straight-line verification (to keep the
verifier's code as simple as possible).

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBNAZWu1QXJENzYr45AQFq8AQAo2L2THbvzZz71q/KZDLsoID7wi/AAG+y
ws9YVypyWi3yoM1H/A6+Mgt6FOJgcvAlEQfTHi32wod9fc60Eq/gPdl5v0VhovdH
YiJEIy8jGfquyj6wCqupNerBIVBlM7MyyB9OuaHe6foR2hMoJetzIA4A1FkGgftF
AqNVYib+5DE=
=I/9N
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+


References: