[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
fault tolerance of SPKI/SDSI
It occurred to me the other day that SDSI with chained local naming and SPKI
with that plus chained local direct authorizations have an advantage over
hierarchical schemes. Certs in our worlds are mesh-like rather than
tree-like. I hestiate comparisons to the PGP web of trust, because PGP's
links are votes on some global name binding, but PGP has the same advantage.
Namely: these meshes of certificates can be fault tolerant. A tree can not
be. If you break a link in a tree, a whole branch falls off. If you break
the root, the whole tree falls. This is because a tree is inherently
1-dimensional.
Of course, the degree of actual fault tolerance will depend on practice, but
this is something developers will probably want to remain aware of and
to plan for. I plan to add this note to the new draft.
- Carl
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+