[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

k-of-n subjects versus k-of-n tags?

I was just reading through the latest cert-structure draft, after hearing
Ron Rivest's lecture at the University of Utah yesterday; basically it
all looks great, except for one minor thing that's nagging me...

Is there a really strong reason name certs should be so different from auth
certs?  Naming in the SPKI model seems to be just a form of authorization
anyway (authorization to be referred to under a given name in my
namespace).  I noticed there was some discussion about this in November or
so, so I won't belabor the issue too much...  But one question I didn't see
mentioned in my quick scan is why it is necessary or desirable to enforce a
"one cert, one name" rule, as would be done implitly if the name is in the
issuer expression.  Why shouldn't I be allowed to both define a name (or
even multiple names) and grant authorizations in a single cert?  Say I want
to place my dad under the three names "dad", "Bob", and "Robert Ford" in my
namespace, and grant him access to some of my files - should I really have
to create (and keep track of) four different certs in order to do this,
even if I would just be assigning the same validity period to all of them
anyway?  I can see why people often would often want to separate name certs
from auth certs, but that doesn't automatically imply that the standard
should require that they always be separated - that just makes things
cumbersome when it's not what you want.  Am I missing something?