[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Persistent identities (was: Re: yet another <auth> type)
-----BEGIN PGP SIGNED MESSAGE-----
David Kemp's points (below) about persistent identities hits the nail
right on the head for me. The PKI proposals that I've seen either don't
provide for a persistent identity (SPKI/SDSI), which makes key management
a real headache, or the persistent identity is too cumbersome and/or
dynamic (such as with X.500 DNs).
IMO for a PKI to be practical it should provide:
(a) Minimal person <-> key links (i.e. persistent identities) that won't
change every time the person gets a new job title or a haircut. The PKI
should have mechanisms for handling key revocations and updates, such that
the (online) identity remains unchanged as much as possible across key
(b) A simple way of attaching attributes of any kind to the persistent
identity. I'd say SDSI does a fine job of this. Note I said that the
attributes are attached to the identity and not, as in SDSI, to the key,
but I think SDSI can be easily tweaked to work with identities rather than
I've yet to see any concrete proposals for (a), though I've got some
half-formed ideas of my own. I suspect that finding something that works
and is socailly acceptable to most people will prove difficult.
============================== ------ I'M LOOKING FOR A JOB! -----
Marc Branchaud I'm looking for a full-time career,
email@example.com and I'm willing to move almost any-
www.zoo.net/~marcnarc/ where. You can see my CV online at
On Mon, 24 Feb 1997, David P. Kemp wrote:
> The premise of SPKI is that persistent identities are an unnecessary
> middle step between the public key and the "stuff" (names, email
> addresses, priviledges, etc) to be attached to that key. Therefore
> persistent identities have been eliminated as a concept from SPKI.
> But the assumption that the public key *IS* the identity is fundamentally
> at odds with good key hygene, which dictates that keys be replaced
> periodically "just because", or sooner than the normal period if required
> by individual key compromise, in response to unexpected advances in
> cryptography, or for other reasons.
> A persistent identity does not have to be in the form of an X.509
> Distinguished Name, nor does it have to be globally unique or meaningful,
> nor does it need to have any semantic meaning at all (it could be a random
> number, or the hash of something, for example), but it does need to
> be persistent. It allows one to accommodate key updates without
> requiring contortions like issuing certificates to map certificates to
> other certificates!
> Better start scratching off that "S" thing from SPKI :-).
> "Every problem can be solved with another level of indirection."
> -- ???
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----