[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: k-of-n subjects versus k-of-n tags?
>
> Is there a really strong reason name certs should be so different from auth
> certs? Naming in the SPKI model seems to be just a form of authorization
> anyway (authorization to be referred to under a given name in my
> namespace).
I had always thought of this as one of the fundamental distinctions
between the SPKI keyholder-centric world and the PKIX human-centric
world. A PKIX-world certificate says:
"The person with name X has public key Y."
whereas an SPKI-world certificate with equivalent data would be saying:
"Keyholder Y is authorized to use the name X."
Please correct me if this is a novice impression.
Thanks,
Curtis
Follow-Ups:
References: