
Re: Auth fields



At 03:32 PM 3/29/97 EST, Ron Rivest wrote:
>* I don't really like the name member-of-issuer (or its short form, moi, as

Awwww  :(

:)


>  noted in an earlier message).  The reason is that this form of delegation
>  is used for simple name/value binding as well, i.e.
>		( issuer <alice's-key> friends )
>		( subject <bob's-key> )
>		( moi )
>  (group membership), should be treated no differently than
>		( issuer <alice's-key> bob )
>		( subject <bob's-key> )
>		( moi )
>  (name/value binding).  I suggest that we treat them identically, and in
>  such a case the name "member-of-issuer" isn't quite right.  I would 
>  suggest something like a generic "bind" or "link" or even "links-to" 
>  as the auth, instead of "moi".  Perhaps "link" is best.

I had been using:  ( member <grp-name> ) for the first and ( name <person-name> )
for the second, with a key as issuer and a key as subject.  I suppose there
is no reason to keep these separate however (as I asked in issue #17).

If we have a single form for groups and individual names, then all names are
group names and some groups will happen to have only one member.  Is that
what you want to see happen?

"bind" and "link" sound good.  I was thinking "def", when I read that sentence.
I also like "member", if names are groups of 1.

>* I presume it is clear that when key1 links to key2 (using the terminology  
>  of the above paragraph), that key2 does not acquire authority over key1's
>  name space.  That is, just because key1 has delegated all of his (acquired)
>  rights to key2, he is not also delegating his (natural) right to control
>  over his namespace.  Key2 should not be able to issue a certificate binding
>  a value to a name in key1's namespace.  I think we were all already in
>  agreement about this, but I thought we should be explicit (here and in
>  the document).  Only key1 can ever say anything about key1's namespace.

I agree completely.

>  If key1 wants to delegate some power, he can do so by, e.g.
>	( issuer <key1> bob )
>	( subject <key2> bob )
>	( link )
>  and let key2 determine where to link to from <key2> bob.

What does this mean?  To me, this means that (<key2> bob) is a member of my group, bob.


 - Carl


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+
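One reading of the link semantics discussed above, as an added example that is not from this thread or from any SPKI draft: a toy resolver that treats every name as a group (a plain name/value binding is a group of one), follows link certs transitively into other keys' namespaces, and refuses any cert about key1's namespace that key1 did not sign. The `signer` field and the sample keys are constructed for illustration.

```python
# Added example: a toy SPKI-style resolver for "link" certificates.
# A cert binds a name in the issuer's namespace to a subject; the subject is
# either a bare key or another (key, name) pair that is followed further.
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple, Union

Key = str
Name = Tuple[Key, str]            # (namespace-owner key, name in that namespace)
Subject = Union[Key, Name]

@dataclass(frozen=True)
class LinkCert:
    issuer: Key        # whose namespace the name lives in
    name: str
    subject: Subject   # a key, or a (key, name) to follow further
    signer: Key        # key that signed the cert (hypothetical field for the check)

def accept(cert: LinkCert) -> bool:
    """Only key1 can say anything about key1's namespace: a cert naming key1
    as issuer is rejected unless key1 itself signed it."""
    return cert.signer == cert.issuer

def index(certs: List[LinkCert]) -> Dict[Name, List[Subject]]:
    """Group accepted certs by the (issuer, name) they bind."""
    table: Dict[Name, List[Subject]] = {}
    for c in certs:
        if accept(c):
            table.setdefault((c.issuer, c.name), []).append(c.subject)
    return table

def resolve(name: Name, table: Dict[Name, List[Subject]], seen=None) -> Set[Key]:
    """Keys reachable from `name` by following link certs; cycles are cut."""
    seen = set() if seen is None else seen
    if name in seen:
        return set()
    seen.add(name)
    keys: Set[Key] = set()
    for subj in table.get(name, []):
        keys |= resolve(subj, table, seen) if isinstance(subj, tuple) else {subj}
    return keys

# Constructed sample certificates (not from the thread).
CERTS = [
    LinkCert("alice", "friends", "bob", signer="alice"),            # group member
    LinkCert("alice", "friends", ("carol", "team"), signer="alice"), # link to carol's group
    LinkCert("carol", "team", "dave", signer="carol"),
    LinkCert("alice", "bob", "bob", signer="alice"),                # name/value binding
    LinkCert("alice", "bob", "mallory", signer="mallory"),          # forged: rejected
]
TABLE = index(CERTS)
```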

