
Principals in SPKI vs SDSI



I notice that SDSI and SPKI have different definitions of "principal".
In the SDSI v 1.0 document, it says,

  A SDSI principal is defined as a public signature verification key, one or
  more optional global names, and one or more optional internet addresses. The
  most important thing about a principal is its ability to verify signed
  statements; that is why a principal is defined in terms of its public key.

In the SPKI draft, it says:

   The most important issue is the notion of the binding of a key to a
   principal.

        By PRINCIPAL, we mean an entity (e.g., person, processor,
        process, device (such as a printer), ...) which supplies a
        service or requests action in a distributed computer system.

So in SDSI, a principal is a key, and in SPKI, a principal is a person
or process, etc.  In SDSI an issue is binding names, local or global,
to principals.  In SPKI an issue is binding keys to principals.

In the interests of lessening confusion as the two efforts are merged,
it would be good to adopt a consistent meaning for this term.

Hal Finney
PGP, Inc.
