[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: auth fields

To: Carl Ellison <cme@cybercash.com>
Subject: Re: auth fields
From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
Date: Fri, 14 Mar 1997 20:19:48 +0000 (GMT)
Cc: rivest@theory.lcs.mit.edu, blampson@microsoft.com, spki@c2.net
In-Reply-To: <3.0.1.32.19970314142655.00b132e0@cybercash.com> from "Carl Ellison" at Mar 14, 97 02:26:55 pm
Reply-To: ben@algroup.co.uk

Carl Ellison wrote:
> 
> Hi Ron.
> 
> At 11:10 AM 3/11/97 EST, Ron Rivest wrote:
> >You mentioned a "sorting order" for auth fields.  This implies that
> >you want what mathematicians call a "total order" on the elements, so that
> >between any two such elements you have a relationship (either greater,
> >less than or equal to).
> 
> No, I had always been thinking of a partial order -- maybe a lattice --
> although it's not clear that any such lattice would be closed.
> 
> E.g., in your filesystem example, 
> "ftp://cybercash.com/pub/cme/"
> and
> "ftp://theory.lcs.mit.edu/pub/rivest/"
> might theoretically be both subordinate to 
> "ftp:"
> but there might be no cert ever generated for that lattice point.
> 
> The problem with thinking of such lattices, to me, is that for some real 
> uses of certs, we'll need to be able to do an occasional PolicyMaker 
> translation of <auth> -- something that I don't know how to express in such 
> a form.  A PolicyMaker program would join arbitrary places on such a
> lattice.

You want to be a bit careful about terminology here, because "join" and "meet"
are the defined operations on a lattice, if I remember things correctly. I
suspect that you didn't mean "join" in the lattice sense (and please don't ask
me to define that ... but I know a man who can ;-). Correct me if I'm wrong!

Cheers,

Ben.

> 
> Agree?
> 
>  - Carl
> 
> 
> 
> 
> +------------------------------------------------------------------+
> |Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
> |CyberCash, Inc.                      http://www.cybercash.com/    |
> |207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
> |Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
> +------------------------------------------------------------------+
> 

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author

Follow-Ups:

Re: auth fields

From: Carl Ellison <cme@cybercash.com>

References:

Re: auth fields

From: Carl Ellison <cme@cybercash.com>

Prev by Date: Re: fault tolerance of SPKI/SDSI
Next by Date: Re: rules for SPKI <auth> field comparisons
Prev by thread: Re: auth fields
Next by thread: Re: auth fields
Index(es):
- Main
- Thread