[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Designer Certs

>>I think what he means is that SPKI is a layered solution,
>>where X.509 is a monolithic solution.
>You seem to be confusing 509v1 with 509v3.  It seems to me that
>509v3 defines a minimal (not most minimal) semantics for basic
>communication and interoperation, and then leaves a way for anyone
>to add any additional semantics they wish.  (BTW, the "CRITICAL" bit
>is just as innovative and important as Unix's setuid bit.)

Indeed the SPKI and X.509v3 formats are formally equivalent in the
sense that all Turing machines are. An SPKI cert could be 
encapsulated in an X.509v3 cert using a critical attribute.

There is a value in researching new certificate mechanisms and
in doing so its a good idea to avoid all the mental baggage of
existing implementation. Nobody is going to com up with a trully
novel certificate scheme thinking about being compliant with
Novogator 3.4b3.

However once research is complete the most likely means by
which the market will adopt the results is by finding some 
means of making it backwards compatible with the old.

To give one example. PGP demonstrated that the rigid monolithic
trust pyramid of PEM was unnecessary. The industry discovered
however that X.509 could be made to work simply by burning
the X.500 architecture guide and allowing any issuer name
to sign any other. As a matter of fact there is no reason not to
use X.509 certs with PGP.

Curiously enough PGP also demonstrates that the hierarchical
scheme wasn't such a bad concept. The best way of making
PGP work is to arrange key signing parties such as those held 
at the IETF. In other words people left to their own devices tend 
to spontaneously organize themselves.

The moral is that it is a bad idea to force people to do what they
are likely to do in any case. The constraints of the mandatory
PEM hierarchy were impossible to work with. PGP proved that 
mandatory hierarchy was unnecessary. Once compulsion was 
eliminated however people adopted structures that have lead
to the misleading conclusion that X.509v3 mandates hierarchy.

Or to take another example, we designed the Web with the idea
that there should be no 'top', that is there should be no central
administration point. Yet this very fact has allowed Lycos, Yahoo,
Excite to provide services of this very nature.

The voluntary/mandatory argument comes in also over key
escrow. If we could only persuade Freeh to shut the Tarantino
up many large commercial organizations realize they need
key escrow. By they certainly don't want it on terms dictated
from the J Edgar Hoover building.

Finally consider the problem of interdomain certification, the 
problem of one CA recognising certificates of another. One camp
declares that the way to solve this is to create some automated
cross-certification mechanism. I find this unconvincing since
it implies that establishing trust between CAs is easier than
establishing trust between individuals. If this was such a good
idea in the first place someone would have filled a patent on it.

Another camp says, this is the area where humans have to enter,
where trust is going to be established in long meetings with lots
of lawyers sitting round the table. I believe that at this level it
is inevitable that some sort of hierarchy will emerge but it will
emerge by consent, not by decree.