
Re: Final Year Thesis : SPKI



On Mon, 29 Jun 1998, Carl Ellison wrote:

>At 04:45 PM 6/28/98 -0300, Ed Gerck wrote:
>>
>>Comparing SPKI with X.509 is like comparing apples and speedboats. 
>>
>>In spite of its name, SPKI is NOT a PKI and does not allow a PKI to
>>be built with it. Neither with SDSI, in SPKI/SDSI. 
>>
>>Further, SPKI addresses the question of "what" and only to the issuer
>>-- while X.509 addresses "who" and "what" and not only to the issuer.
>
>Ed,
>
>	I think we need to re-think these conclusions.  I have been unable to 
>detect these differences between SPKI and X.509 -- unless you define "PKI" 
>as "building a global directory of distinguished names" -- ie., as a synonym 
>for X.500.
>

PKI is perhaps often understood as a public infrastructure (like the
road system) that must allow Bob to:

1. obtain Alice's public-key K *and*,

2. rely upon K to some extent (ie, trust it to some extent), in order
   to send a message that Alice can decrypt. 


Thus, the ability of anyone to find Carl Ellison's public-key and to
rely upon it to some extent in order to send a message that Carl can
decrypt would constitute the core of a PKI. Added functionality such
as verifying if Carl himself still relies upon that key (the issue of
CRLs) or which other keys would Carl also support (the path issue)
may also be important, although not essential. 

In that, a PKI must be like a phonebook, where you have (either
explicitly or implicitly) a relationship between entities and keys and
where entities are represented by their identities (eg, names,
photos, etc.). 

In X.509 that is possible, because a CA's CPS makes a connection
between keys, identities (names) and entities.

In SPKI, that is not even considered because SPKI does not deal at
all with the question of "who". 

In fact, Carl has mentioned here that would be provided by an added
for-profit service that would issue "subpoena certificates".


>	Of course, there is a huge difference between X.509's practice of 
>certifying names and the claim that it addresses "who" for anyone, much less 
>for the whole world.
>

I read X.509 as supplying only *local* affirmations to one RA --
never global. X.509 deals with actions of one RA and the CAs that
connect with it, the RA/CA combination.  For example, the DNs should
be unique only within one RA. Multiple RAs can have any number of
coincident DNs. 

So, X.509 does not address "who" for anyone, much less to the whole
world. Just to each local RA jurisdiction -- which may even overlap.

The issue of connecting subjects that have certificates from
different CAs (with different RAs or not) is part of the PKI
question. 

A different and prior issue is whether that connection is possible or
not, which is where X.509 fails by ignoring:

>>Further, as a general rule, it is not advisable to set goals of what
>>you want to demonstrate before studying the subjects -- because the
>>subjects may not be even comparable, as the case at hand..
>
>Amen!

And this is perhaps the main failure of X.509: an X.509 PKI does not
work.

Here, SPKI can IMO add a valuable contribution by distinguishing
between "who" and "what".

If I know who the "who" is, then I can proceed directly to the "what"
-- this is how I read SPKI. 

Other issues remain, such as what happens when I don't know who the
"who" is -- but that can be left for other layers.

Cheers,

Ed Gerck

______________________________________________________________________
Dr.rer.nat. E. Gerck                     egerck@novaware.cps.softex.br
http://novaware.cps.softex.br
    --- Meta-Certificate Group member, http://www.mcg.org.br ---