[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: My two pennies
-----BEGIN PGP SIGNED MESSAGE-----
A million monkeys operating under the pseudonym
"Carl Ellison <cme@cybercash.com>" typed:
>
> At 03:57 PM 3/30/97 -0500, Marc Branchaud wrote:
>
<snip>
>
> >(23) If we do this, we should define a specific <auth> or set of <auth>s
> >for when this is the case, and also explicitly state that May-delegate
> >MUST be 0. This, of course, complicates things. What, exactly, is the
> >meaning when a non-key object is the subject of a cert?
>
> I was thinking, for example, of a signed purchase order or electronic check,
> signed code, ....
So for a signed purchase order, how about an "<auth>" field
containing:
( Purchase_Order (Purchase_Order_Number 009641)
(Part_Number 254525) (Part_Name "W256 Advanced Widget")
(Quantity 7) (Price_Per_Part "USD 0.05")
(Total_Price "USD 0.35") (Sales_Tax "USD 0.01")
(Sales_Contact joe@widgets.com) )
Or alternatively
( Purchase_Order (Purchase_Order_Doc SHA1
=SxVtA4KODLkzjQzzVFIL00pUc9J= http://acme.com/intranet/purchase_orders/009641
))
I think that the "<auth>" field is destined to be used for
things that are only dimly related to "secure telnet session"
- -style "authentication". In fact, calling it "auth" can lead to
confusion, I think. (Q: "Is this a purchase order or just an
authorization to make a purchase order like the one described
here?" A: "What's the difference?")
My apologies if I have completely misunderstood something.
Regards,
Zooko Journeyman
I am not a cypherpunk. NOT speaking for DigiCash or any other
person or organization. PGP sig follows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2
iQB1AwUBM0ATokjbHy8sKZitAQG9ewMAgM5+KcIKgPfd/OaHv2275JOyrUPSin74
HJ4wfnM/gtm7W7AiCWeisgNwY6z5xINL27QkAYjc8YkZnsxzDmoXU0K3smMn8XNG
3aVa8WNiSoIFAuCIIp2g92yJOCHCCSVp
=HQbu
-----END PGP SIGNATURE-----
Follow-Ups:
References: