[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rules for SPKI <auth> field comparisons


At 02:09 PM 3/12/97 +0200, Michael Richardson wrote:
>>>>>> "Carl" == Carl Ellison <cme@cybercash.com> writes:
>    Carl> We need to define a mechanism to be used by those who define
>    Carl> new <auth> fields so that they can describe the sorting
>    Carl> order for their fields.  We could fall back on the
>  I must admit that I don't understand this requirement.
>  At first I thought this was so that we could have a canonical order
>for the auth fields for signature.

No, I believe we should have the firm rule that one signs what is
transmitted.  There might be an exception for white space handling
if we adopt an ASCII format, thinking about SMTP or FTP ASCII mode.

>  Now, I think (based on your "checking" example) that this has
>more to do with interpretation of the auth field. This confuses me,
>because I thought this was necessarily application specific. 

The definition of an <auth> field is strictly up to the verifier.  His 
application is the only one that cares.  However, if anyone else is going to 
generate certs with these <auth> fields, it's just polite :) to communicate 
to that cert issuer what constitutes the semantics of the <auth> field(s) 
being generated.  It's also possible that we might produce a standard 
library for interpretation of 5-tuples to which some <auth> designer needs 
to communicate.

However, this isn't something the cert itself needs to worry about.  Agreed?

>  [I'm willing to write my cooked-ascii format up in an id if there is interest]

Not that I want to discourage volunteers, but the ASCII format you sent out 
before struck me as hard enough to read (for lack of spaces) that I'd 
imagine writing a custom editor to manipulate it - in which case it might as 
well be binary.  I'd like to hear from others on this.

Version: 2.6.2


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |

Follow-Ups: References: