[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fault tolerance of SPKI/SDSI


On Wed, 12 Mar 1997, Carl Ellison wrote:

> It occurred to me the other day that SDSI with chained local naming and SPKI
> with that plus chained local direct authorizations have an advantage over
> hierarchical schemes.  Certs in our worlds are mesh-like rather than
> tree-like.  I hestiate comparisons to the PGP web of trust, because PGP's
> links are votes on some global name binding, but PGP has the same advantage.
> Namely:  these meshes of certificates can be fault tolerant.  A tree can not
> be.  If you break a link in a tree, a whole branch falls off.  If you break
> the root, the whole tree falls.  This is because a tree is inherently
> 1-dimensional.

I asume you mean X.509 with hierarchical schemes. Your argument doesn't
hold strong against X.509, because besides the CA-tree there is also the  
possibility of cross-certification of CAs, which is independent of the
hierarchical level of the two CAs and is in a way comparable with the
PGP web of trust. X.500 is by no way 1-dimensional. So although the
hierarchical system in the first place is not so susceptible to breaks,
because the links are well structured, and have defined responsibilities,
it is, by the means of cross-certification as fault tolerant as a non
hierarchical system.

> Of course, the degree of actual fault tolerance will depend on practice,

This is true for all systems.


- -----------------------------------------------------------------------------
       Karl-Peter Gietz              tel. : +49 7071 29-77800           
Zentrum fuer Datenverarbeitung       email: gietz@zdv.uni-tuebingen.de    
  der Universitaet Tuebingen         snail: Brunnenstr. 27, D-72074 Tuebingen 
      DFN-Projekt AMBIX                     Germany

Version: 2.6.2i