[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: My two pennies

To: Marc Branchaud <marcnarc@zoo.net>
Subject: Re: My two pennies
From: Carl Ellison <cme@cybercash.com>
Date: Mon, 31 Mar 1997 05:31:37 -0500
Cc: spki@c2.net
In-Reply-To: <Pine.LNX.3.93.970330144348.52B-100000@aardvark.zoo.net>
References: <199703291348.AA22563@swan.lcs.mit.edu>
Sender: owner-spki@c2.net

At 03:57 PM 3/30/97 -0500, Marc Branchaud wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>Many, many issues to discuss.  I'll try to refer to an issue number form
>the draft as I make my points...

Thanks for all the comments.  I did get a little issue-happy, didn't I?


>(22) I don't understand the issue here.  If we're letting users define
>their own object types (which is different from defining an <auth> type)
>then I guess we should use local dictionaries.  Am I making sense?

I was considering user-defined <auth> types with named parameters.  Each of 
those parameters would have a user-defined object type.

>(23) If we do this, we should define a specific <auth> or set of <auth>s
>for when this is the case, and also explicitly state that May-delegate
>MUST be 0.  This, of course, complicates things.  What, exactly, is the
>meaning when a non-key object is the subject of a cert?

I was thinking, for example, of a signed purchase order or electronic check,
signed code, ....

>(25) It's always better to state things as clearly as possible.  I say put
>the statement in the document.
>
>Finally, two syntactical points about the draft.
>
>- - For dates (4.1.18), don't make any fields optional.  It could make for
>  interoperability problems, especially WRT hashing.  Also, make an
>  explicit definition for midnight.

How would you define midnight?  1997-03-31_midnight ?  If so, we have the problem of deciding whether this is the midnight which just happened a few hours ago as I write this or the midnight which is yet to come.

>- - <valid> is defined as:
>	<valid>:: <not-before>? <not-after>? <online-test>? ;
>  Should it not be:
>	<valid>:: ( <not-before> | <not-after> ) | <online-test> ;

How are you using the ()s?  | is logical OR, so the ()s have
no function here.

I used ?s because I assumed someone would want to specify up
to all 3 of these.

 - Carl


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

Follow-Ups:

Re: My two pennies

From: Marc Branchaud <marcnarc@zoo.net>

Re: My two pennies

From: Bryce <bryce@digicash.com>

References:

Comments on SPKI draft of 25 March 1997

From: rivest@theory.lcs.mit.edu (Ron Rivest)

My two pennies

From: Marc Branchaud <marcnarc@zoo.net>

Prev by Date: Re: Principals in SPKI vs SDSI
Next by Date: Re: Typeability and screen space
Prev by thread: My two pennies
Next by thread: Re: My two pennies
Index(es):
- Main
- Thread