[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Principals in SPKI vs SDSI
This is a good observation, Hal.
The SPKI wording is left over from the original document, during the writing
of which I was very concerned about getting through to people who need to be
eased into the idea of a key as a principal. I opt for using the definition
of principal = key, since it speaks. I refer to the word that way elsewhere
in the text.
- Carl
At 02:10 PM 3/29/97 -0800, Hal Finney wrote:
>I notice that SDSI and SPKI have different definitions of "principal".
>In the SDSI v 1.0 document, it says,
>
> A SDSI principal is defined as a public signature verification key, one or
> more optional global names, and one or more optional internet addresses. The
> most important thing about a principal is its ability to verify signed
> statements; that is why a principal is defined in terms of its public key.
>
>In the SPKI draft, it says:
>
> The most important issue is the notion of the binding of a key to a
> principal.
>
> By PRINCIPAL, we mean an entity (e.g., person, processor,
> process, device (such as a printer), ...) which supplies a
> service or requests action in a distributed computer system.
>
>So in SDSI, a principal is a key, and in SPKI, a principal is a person
>or process, etc. In SDSI an issue is binding names, local or global,
>to principals. In SPKI an issue is binding keys to principals.
>
>In the interests of lessening confusion as the two efforts are merged,
>it would be good to adopt a consistent meaning for this term.
>
>Hal Finney
>PGP, Inc.
>
>
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: