Re: k-of-n subjects versus k-of-n tags?
At 04:38 PM 1/23/98 -0800, Curtis Yarvin wrote:
>>
>> Is there a really strong reason name certs should be so different from auth
>> certs? Naming in the SPKI model seems to be just a form of authorization
>> anyway (authorization to be referred to under a given name in my
>> namespace).
>
>I had always thought of this as one of the fundamental distinctions
>between the SPKI keyholder-centric world and the PKIX human-centric
>world. A PKIX-world certificate says:
>
> "The person with name X has public key Y."
>
>whereas an SPKI-world certificate with equivalent data would be saying:
>
> "Keyholder Y is authorized to use the name X."
>
>Please correct me if this is a novice impression.
>
>Thanks,
>Curtis
Curtis,
I would disagree on a couple of small points, but in general I think you
are getting the idea.
The first small point is that PKIX is not human-centric. It is
name-centric. The idea is incorrect that a name (e.g., an X.509
Distinguished Name) is an acceptable identifier of a person and can therefore
be used where you intend to reference a person. Of course, that's the idea
that much of X.509 is based on -- but it's wrong. Names are not acceptable
identifiers of people -- not in large cities or on the net.
I believe both X.509 and SPKI try to be human-centric. The question is how
you identify that human. X.509 followed the belief that a name identifies a
person. SPKI uses a public key as an identifier of a person: specifically
of the person who controls the associated private key. That information may
not be meaningful to you, but then knowing that someone's family name is Kim
and that he lives in Seoul So. Korea is probably not meaningful to you
either. Either way you need to learn something else about the keyholder --
something that actually means something to you for your application.
The main thing that separated SPKI from X.509 is that the original X.509
stopped with the establishment of a name for a key, as if that's all one
needed to know. [That *is* all you need to know, if you're in a small town,
a family, a small school, or other small community.] With SPKI, we asked
not "who is associated with that key?" but rather "what is that keyholder
allowed to do?". So, we bind authorizations to keys -- not names.
OTOH, names are important to us. They are the mechanisms we use to
identify our friends when we think about them. Each of us has a name space,
in our own heads, labeling a body of memories and facts which is the true
identity of a person, as far as we are concerned. So, we use these
personal names for people as identities. We need to do that. SDSI names
give us that ability -- using the only names for people that are meaningful
to us: our own names for them.
So, starting with the idea that names don't work, we came back to the idea
that we need names. The difference was that X.500 proposed global names and
it's the global name, assigned by the X.500 process, that makes the names
useless. We humans will create our own local names, no matter what anyone
else decides -- and those are the names we need to support. Those are the
names we do support.
- Carl
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
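The distinction Carl draws above (a name is only meaningful inside some keyholder's own namespace, and authorization is bound to keys rather than names), as an added example that is not part of the original post. The key strings, the two cert classes, the subject encoding and the sample certs are constructed placeholders, not SPKI's actual wire format.

```python
# Toy SPKI/SDSI model: names live in a key's namespace; authority binds to keys.
from dataclasses import dataclass

@dataclass(frozen=True)
class NameCert:      # "keyholder <subject> may use <name> in <issuer>'s namespace"
    issuer: str
    name: str
    subject: tuple   # ("key", K) or ("name", K, n1, n2, ...): a chain in K's namespace

@dataclass(frozen=True)
class AuthCert:      # "<issuer> grants <tag> to <subject>", optionally re-delegatable
    issuer: str
    subject: tuple
    tag: str
    delegate: bool = False

def resolve(certs, subject, seen=frozenset()):
    """Reduce a subject to the frozenset of keys it denotes (empty if undefined)."""
    if subject[0] == "key":
        return frozenset([subject[1]])
    if subject in seen:                       # cyclic name definitions denote nothing
        return frozenset()
    keys = frozenset([subject[1]])
    for name in subject[2:]:                  # walk the chain one local name at a time
        keys = frozenset().union(*(
            resolve(certs, c.subject, seen | {subject})
            for k in keys for c in certs
            if isinstance(c, NameCert) and c.issuer == k and c.name == name))
    return keys

def authorized(certs, root, tag, key):
    """Does `root` grant `tag` to `key`, directly or via delegatable auth certs?"""
    frontier, visited = [root], set()
    while frontier:
        issuer = frontier.pop()
        visited.add(issuer)
        for c in certs:
            if isinstance(c, AuthCert) and c.issuer == issuer and c.tag == tag:
                holders = resolve(certs, c.subject)   # authority lands on keys, never names
                if key in holders:
                    return True
                if c.delegate:
                    frontier += [h for h in holders if h not in visited]
    return False

# Constructed certs. Keys are placeholder strings standing in for public keys.
CERTS = [
    NameCert("K_carl", "kim", ("key", "K_kim_seoul")),        # Carl's local name "kim"
    NameCert("K_curtis", "kim", ("key", "K_kim_other")),      # Curtis's "kim" is someone else
    NameCert("K_curtis", "carl", ("key", "K_carl")),          # lets Curtis say "carl's kim"
    AuthCert("K_server", ("key", "K_carl"), "read", delegate=True),
    AuthCert("K_carl", ("name", "K_carl", "kim"), "read"),    # Carl passes "read" to his kim
]
```

The same local name "kim" resolves to different keys in Curtis's and Carl's namespaces, while the server's "read" authorization reaches K_kim_seoul only through the key chain K_server -> K_carl -> (Carl's "kim").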