[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Persistent identities (was: Re: yet another <auth> type)


David Kemp's points (below) about persistent identities hits the nail
right on the head for me.  The PKI proposals that I've seen either don't
provide for a persistent identity (SPKI/SDSI), which makes key management
a real headache, or the persistent identity is too cumbersome and/or
dynamic (such as with X.500 DNs).

IMO for a PKI to be practical it should provide:

(a) Minimal person <-> key links (i.e. persistent identities) that won't
change every time the person gets a new job title or a haircut.  The PKI
should have mechanisms for handling key revocations and updates, such that
the (online) identity remains unchanged as much as possible across key

(b) A simple way of attaching attributes of any kind to the persistent
identity.  I'd say SDSI does a fine job of this.  Note I said that the
attributes are attached to the identity and not, as in SDSI, to the key,
but I think SDSI can be easily tweaked to work with identities rather than

I've yet to see any concrete proposals for (a), though I've got some
half-formed ideas of my own.  I suspect that finding something that works
and is socailly acceptable to most people will prove difficult.


==============================	------ I'M LOOKING FOR A JOB! -----
        Marc Branchaud        	I'm looking for a full-time career,
       marcnarc@zoo.net       	and I'm willing to move almost any-
    www.zoo.net/~marcnarc/    	where.  You can see my CV online at
==============================	www.zoo.net/~marcnarc/Marc-CV.htm

On Mon, 24 Feb 1997, David P. Kemp wrote:
> The premise of SPKI is that persistent identities are an unnecessary
> middle step between the public key and the "stuff" (names, email
> addresses, priviledges, etc) to be attached to that key.  Therefore
> persistent identities have been eliminated as a concept from SPKI.
> But the assumption that the public key *IS* the identity is fundamentally
> at odds with good key hygene, which dictates that keys be replaced
> periodically "just because", or sooner than the normal period if required
> by individual key compromise, in response to unexpected advances in
> cryptography, or for other reasons.
> A persistent identity does not have to be in the form of an X.509
> Distinguished Name, nor does it have to be globally unique or meaningful,
> nor does it need to have any semantic meaning at all (it could be a random
> number, or the hash of something, for example), but it does need to
> be persistent.  It allows one to accommodate key updates without
> requiring contortions like issuing certificates to map certificates to
> other certificates!
> Better start scratching off that "S" thing from SPKI :-).
>       dpk
> "Every problem can be solved with another level of indirection."
>    -- ???

Version: 2.6.3ia
Charset: noconv