[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: fault tolerance of SPKI/SDSI

At 10:09 PM 3/12/97 -0800, Hal Finney wrote:
>Yes, that's an interesting point, but it seems like it applies to the SPKI
>authorizations more than SDSI.  With SPKI, A could delegate some authority
>to both B and C, who could both then pass their authority to D, and you
>have redundancy.  As long as one of B or C is still valid and present then
>D can use his authorization.
>But with SDSI, although you may have "joe's boss" and "jim's bud" being
>the same key, it's not clear that you would know that keyholder by both
>names.  More commonly I think you would see roles, like "rsa's president",
>in which case you would be unlikely to have redundant paths to the key.
>PGP adds a fuzzy component, so that for example you may require at least
>two paths to a key in order to accept it for some use.  Policymaker-like
>extensions would be how you would express this kind of concept in SPKI,
>I think.


	I think you've summarized it nicely.  It's possible that someone
could use SDSI group names to achieve this, but it's not the natural
thing to do.

	Meanwhile, PGP has had this characteristic all along, as you point out.

 - Carl

|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |