[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

fault tolerance of SPKI/SDSI

It occurred to me the other day that SDSI with chained local naming and SPKI 
with that plus chained local direct authorizations have an advantage over 
hierarchical schemes.  Certs in our worlds are mesh-like rather than 
tree-like.  I hestiate comparisons to the PGP web of trust, because PGP's 
links are votes on some global name binding, but PGP has the same advantage.

Namely:  these meshes of certificates can be fault tolerant.  A tree can not 
be.  If you break a link in a tree, a whole branch falls off.  If you break 
the root, the whole tree falls.  This is because a tree is inherently 

Of course, the degree of actual fault tolerance will depend on practice, but 
this is something developers will probably want to remain aware of and 
to plan for.  I plan to add this note to the new draft.

 - Carl

|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |