
Re: Comments on SPKI draft of 25 March 1997



At 07:12 PM 3/31/97 -0800, Bill Frantz wrote:
>This problem is greater than the question of whether may-delegate is
>boolean or integer.  Consider that the verifier has generated a certificate
>result certificate (CRC) giving Z direct authority.  Then if a revocation
>is generated for Y, it doesn't affect Z.  However, if no CRC has been
>generated, the revocation does affect Z.  Since we have been saying that a
>CRC is an optimization, and doesn't affect the security model, we have a
>problem.  (Note that in this view, when Y loses access Z should as well.
>IMHO that is the correct behavior.  If Z is to have first class access, Z
>must get it from X, not from Y.  By getting it from Y, Z's access is
>dependent on Y.)

Bill,

	the reason the CRC is as good as the chain it was reduced from is that its 
validity field is the intersection of those of the whole chain (intersection 
of date ranges and union of on-line tests).  (This implies, BTW, that we must 
permit <online-test>*, not just <online-test>?).

	When you let a single cert out into the world with a lifetime until date D,
you're free to revoke it before D, but not to expect that others will see your
revocation before D.  If that makes you uncomfortable, you need to rein in D.
This leaves the cert in an undetermined state for a while.

	The effect above has nothing to do with delegation.  When I take in any
single cert and validate it, I enter its result in an on-line cache and am free
to keep that cache entry (without doing any updates) until it expires.

	If you are *really* uncomfortable with letting a cert live even a second 
after you might decide it's invalid, then you need to do on-line tests of 
validity which are valid for only one challenge/response cycle.  That's the 
closest you get to a 0-lifetime cert.  However, because messages take a 
finite amount of time to be delivered, it's still possible for you to give 
the "it's valid" response and have that be in transit while the "it's not 
valid" message arrives at your server.

	This isn't some perversity on my part.  It's a side effect of the speed of 
light and the fact that there is no absolute time coordinate.

 - Carl



+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+
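The reduction rule Carl describes above, as an added example that is not code from the SPKI drafts or from either author: a chain X->Y->Z is reduced to one certificate result certificate whose date range is the intersection of the chain's ranges and whose on-line tests are the union of the chain's tests. The `Cert` structure, the test names `crl-X` / `crl-Y` and the dates are constructed for illustration; the point it shows is that a CRC built this way still fails when Y's on-line test reports Y revoked, so Z's access remains dependent on Y exactly as in the unreduced chain.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Cert:
    """One link in a delegation chain (hypothetical, simplified SPKI-style cert)."""
    issuer: str
    subject: str
    not_before: datetime
    not_after: datetime
    # Names of on-line validity tests the relying party must pass before use
    # (stand-ins for <online-test> entries such as a CRL or reval URL).
    online_tests: frozenset = frozenset()


def reduce_chain(chain):
    """Reduce a chain of certs into a single CRC from the first issuer to the last subject.

    The CRC's validity is the intersection of every date range in the chain and
    the union of every on-line test, so it can never be more permissive than the
    chain it was reduced from.
    """
    if not chain:
        raise ValueError("empty chain")
    for a, b in zip(chain, chain[1:]):
        if a.subject != b.issuer:
            raise ValueError(f"broken chain: {a.subject!r} does not issue {b.issuer!r}")
    not_before = max(c.not_before for c in chain)   # latest start
    not_after = min(c.not_after for c in chain)     # earliest end
    if not_before > not_after:
        raise ValueError("chain members share no validity window")
    tests = frozenset().union(*(c.online_tests for c in chain))
    return Cert(chain[0].issuer, chain[-1].subject, not_before, not_after, tests)


def is_valid(cert, now, failed_tests):
    """True if `now` lies inside the cert's window and none of its on-line tests
    is in `failed_tests` (the set of tests that currently report a revocation)."""
    in_window = cert.not_before <= now <= cert.not_after
    return in_window and not (cert.online_tests & failed_tests)


# Constructed sample chain: X delegates to Y for 30 days, Y delegates to Z for
# days 2..10, and each cert carries its issuer's on-line revocation test.
T0 = datetime(1997, 4, 1)
X_TO_Y = Cert("X", "Y", T0, T0 + timedelta(days=30), frozenset({"crl-X"}))
Y_TO_Z = Cert("Y", "Z", T0 + timedelta(days=2), T0 + timedelta(days=10), frozenset({"crl-Y"}))
CRC = reduce_chain([X_TO_Y, Y_TO_Z])

if __name__ == "__main__":
    print("CRC:", CRC)
    day5 = T0 + timedelta(days=5)
    print("day 5, nothing revoked:", is_valid(CRC, day5, frozenset()))
    print("day 5, Y revoked:     ", is_valid(CRC, day5, frozenset({"crl-Y"})))
    print("day 11, nothing revoked:", is_valid(CRC, T0 + timedelta(days=11), frozenset()))
```

Running the block prints the reduced CRC and then `True`, `False`, `False`: the CRC is usable on day 5, is refused once `crl-Y` reports Y revoked, and expires on Y_TO_Z's end date rather than X_TO_Y's. The same `is_valid` check is what a verifier applies to a cached single cert, which is why the reply says the effect has nothing to do with delegation.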

