[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: k-of-n subjects versus k-of-n tags?

> Is there a really strong reason name certs should be so different from auth
> certs?  Naming in the SPKI model seems to be just a form of authorization
> anyway (authorization to be referred to under a given name in my
> namespace).

I had always thought of this as one of the fundamental distinctions
between the SPKI keyholder-centric world and the PKIX human-centric
world.  A PKIX-world certificate says:

	"The person with name X has public key Y."

whereas an SPKI-world certificate with equivalent data would be saying:

	"Keyholder Y is authorized to use the name X."

Please correct me if this is a novice impression.


Follow-Ups: References: