[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

fault tolerance of SPKI/SDSI

To: spki@c2.net
Subject: fault tolerance of SPKI/SDSI
From: Carl Ellison <cme@cybercash.com>
Date: Wed, 12 Mar 1997 18:09:00 -0500
Sender: owner-spki@c2.net

It occurred to me the other day that SDSI with chained local naming and SPKI 
with that plus chained local direct authorizations have an advantage over 
hierarchical schemes.  Certs in our worlds are mesh-like rather than 
tree-like.  I hestiate comparisons to the PGP web of trust, because PGP's 
links are votes on some global name binding, but PGP has the same advantage.

Namely:  these meshes of certificates can be fault tolerant.  A tree can not 
be.  If you break a link in a tree, a whole branch falls off.  If you break 
the root, the whole tree falls.  This is because a tree is inherently 
1-dimensional.

Of course, the degree of actual fault tolerance will depend on practice, but 
this is something developers will probably want to remain aware of and 
to plan for.  I plan to add this note to the new draft.

 - Carl




+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

Prev by Date: Re: rules for SPKI <auth> field comparisons
Next by Date: Re: fault tolerance of SPKI/SDSI
Prev by thread: abbr's
Next by thread: Re: fault tolerance of SPKI/SDSI
Index(es):
- Main
- Thread