KeyNote examples - correct version

[Matt Blaze <mab@research.att.com>]

Oops - I sent an old editor backup instead of the real file.
Here's the correct version:

-matt


In the interest of readability, these examples use much shorter
keys than would ordinarily be used.  Note that the "SIGNATURE"
fields in these examples do not represent the result of any real
signature calculation.


1. TRADITIONAL CA / EMAIL

A. A policy unconditionally delegating trust to the holder of RSA
   key abc123:

        VERSION: 1
        SIGNER: policy
        KEY-PREDICATE: rsa-sha1-pkcsX:6:abc123;
        TRUST-PREDICATE: true

B. A credential assertion in which RSA Key abc123 trusts either 
   DSA key def456 or RSA key 123aaa to perform actions in which 
   the "app_domain" is "rfc822-email", the "name" is either
   "M. Blaze" or empty, and the "address" matches the regular
   expression "^.*@keynote.research.att.com$".  In other 
   words, abc123 trusts def456 and 123aaa as certification 
   authorities for the keynote.research.att.com domain.

        VERSION: 1
        SIGNER: rsa-sha1-pkcsX:6:abc123
        KEY-PREDICATE: dsa-sha1-pkcsX:6:def456 ||
                       rsa-sha1-pkcsX:6:123aaa
        TRUST-PREDICATE: (($app_domain="RFC822-EMAIL") &&
                          ($address ~= "^.*@keynote.research.att.com$"))
        SIGNATURE: rsa-md5-pkcsX:16:00112233445566a3

C. A certificate credential for a specific user, issued by one of
   the certification authorities above:

        VERSION: 1
        SIGNER: dsa-sha1-pkcsX:6:def456
        KEY-PREDICATE: dsa-sha1-pkcsX:6:01a32f
        TRUST-PREDICATE: (($app_domain="RFC822-EMAIL") &&
                          ($name = "M. Blaze" || $name = "") &&
                          ($address="mab@keynote.research.att.com"))
        SIGNATURE: rsa-sha1-pkcsX:16:f43a2c81ffea129d

D. Another certificate credential for a specific user, issued by one
   of the certification authorities above.  This one allows three
   different keys to sign as jf@keynote.research.att.com (each with
   a different crypto algorithm).  Three credentials in one:

        VERSION: 1
        SIGNER: dsa-sha1-pkcsX:6:def456
        KEY-PREDICATE: dsa-sha1-pkcsX:6:22a413 ||
                       rsa-sha1-pkcsX:8:1d024811 ||
                       rsa-md5-pkcsX:10:3a4f55220e
        TRUST-PREDICATE: (($app_domain="RFC822-EMAIL") &&
                          ($name = "J. Feigenbaum" || $name = "") &&
                          ($address="jf@keynote.research.att.com"))
        SIGNATURE: rsa-sha1-pkcsX:16:80ab4186d01744cc

Observe that under policy A and credentials B, C and D, the following
action environments are accepted:

        $action_signer = "dsa-sha1-pkcsX:6:01a32f"
        $app_domain = "RFC822-EMAIL"
        $address="mab@keynote.research.att.com"
and
        $action_signer = "dsa-sha1-pkcsX:6:01a32f"
        $app_domain = "RFC822-EMAIL"
        $address="mab@keynote.research.att.com"
        $name="M. Blaze"

while the following are not accepted:

        $action_signer = "dsa-sha1-pkcsX:6:01a32f"
        $app_domain = "RFC822-EMAIL"
        $address="angelos@dsl.cis.upenn.edu"
and
        $action_signer = "dsa-sha1-pkcsX:6:22a413
        $app_domain = "RFC822-EMAIL"
        $address="mab@keynote.research.att.com"
        $name="M. Blaze"
and
        $action_signer = "dsa-sha1-pkcsX:6:01a32f"
        $app_domain = "RFC822-EMAIL"
        $address="mab@keynote.research.att.com"
        $name="J. Feigenbaum"

E.  Here's a credential that does not allow delegation to another key:

        VERSION: 1
        SIGNER: dsa-sha1-pkcsX:6:def456
        KEY-PREDICATE: dsa-sha1-pkcsX:6:410011
        TRUST-PREDICATE: ($app_domain="RFC822-EMAIL") &&
                         ($action_signers="dsa-sha1-pkcsX:6:410011") &&
                         ($name = "A. Keromytis" || $name = "") &&
                         ($address="angelos@keynote.research.att.com")
        SIGNATURE: rsa-sha1-pkcsX:16:112358aabbccddee

Now, even if we add a credential:

        VERSION: 1
        SIGNER: dsa-sha1-pkcsX:6:410011
        KEY-PREDICATE: dsa-sha1-pkcsX:6:dadada
        TRUST-PREDICATE: true
        SIGNATURE: rsa-sha1-pkcsX:16:112358aabbccddee

we still won't accept this action environment:

        $action_signer = "dsa-sha1-pkcsX:6:dadada"
        $app_domain = "RFC822-EMAIL"
        $address="angelos@keynote.research.att.com"
        $name="A. Keromytis"

Although, of course, we would accept:

        $action_signer = "dsa-sha1-pkcsX:6:410011"
        $app_domain = "RFC822-EMAIL"
        $address="angelos@keynote.research.att.com"
        $name="A. Keromytis"


2. WORKFLOW/ELECTRONIC COMMERCE

F. A policy that delegates authority for the "SPEND" application
   domain to RSA key bbc1ab when @dollars is less than 10000.

        VERSION: 1
        SIGNER: policy
        KEY-PREDICATE: rsa-sha1-pkcsX:6:bbc1ab
        TRUST-PREDICATE: ($app_domain="SPEND") &&
                         (@dollars < 10000)

G. RSA key bbc1ab requires the signature of at least 2 signers,
   one of which must be DSA key 44aabb in the "SPEND" application
   when @dollars is less than 5000

        VERSION: 1
        SIGNER: rsa-sha1-pkcsX:6:bbc1ab
        KEY-PREDICATE: dsa-sha1-pkcsX:6:44aabb &&
                       (rsa-sha1-pkcsX:6:ffb1c4 ||
                        dsa-sha1-pkcsX:6:c2d100 ||
                        dsa-sha1-pkcsX:6:6a5023 ||
                        dsa-sha1-pkcsX:4:dead ||
                        dsa-sha1-pkcsX:4:beef)
        TRUST-PREDICATE: ($app_domain="SPEND") &&
                         (@dollars < 5000)
        SIGNATURE: rsa-sha1-pkcsX:10:ffab110c761b41cd

H. As above, but only one signer required if @VALUE < 100.

        VERSION: 1
        SIGNER: rsa-sha1-pkcsX:6:bbc1ab
        KEY-PREDICATE: (dsa-sha1-pkcsX:6:44aabb ||
                        rsa-sha1-pkcsX:6:ffb1c4 ||
                        dsa-sha1-pkcsX:6:c2d100 ||
                        dsa-sha1-pkcsX:6:6a5023 ||
                        dsa-sha1-pkcsX:4:dead ||
                        dsa-sha1-pkcsX:4:beef)
        TRUST-PREDICATE: ($app_domain="SPEND") &&
                         (@dollars < 100)
        SIGNATURE: rsa-sha1-pkcsX:10:a000ff1c0a44ccdd

Under policy F and credentials G and H, we accept:

        $action_signer = "dsa-sha1-pkcsX:6:444aabb"
        $app_domain = "SPEND"
	@dollars = 45
	$unmentioned_variable="whatever"
and

        $action_signer = "dsa-sha1-pkcsX:4:dead, dsa-sha1-pkcsX:4:beef"
        $app_domain = "SPEND"
	@dollars = 550

and

        $action_signer = "dsa-sha1-pkcsX:6:44aabb, dsa-sha1-pkcsX:4:dead"
        $app_domain = "SPEND"
	@dollars = 2500

and

        $action_signer = "rsa-sha1-pkcsX:6:bbc1ab"
        $app_domain = "SPEND"
	@dollars = 2000


However, the following are not accepted:

        $action_signer = "dsa-sha1-pkcsX:4:dead"
        $app_domain = "SPEND"
	@dollars = 550

and

        $action_signer = "dsa-sha1-pkcsX:4:dead, dsa-sha1-pkcsX:4:beef"
        $app_domain = "SPEND"
	@dollars = 2500



3. COMMAND AND CONTROL AUTHORIZATION

I. A policy that at least two signers are required to authorize the
   launch of missiles against London or Moscow.

        VERSION: 1
        SIGNER: policy
        KEY-PREDICATE: 2-of(dsa-sha1-pkcsX:6:44aabb,
                            rsa-sha1-pkcsX:6:ffb1c4,
                            dsa-sha1-pkcsX:6:c2d100,
                            dsa-sha1-pkcsX:6:6a5023,
                            dsa-sha1-pkcsX:4:dead,
                            dsa-sha1-pkcsX:4:beef)
        TRUST-PREDICATE: ($app_domain="NUKE") &&
                         ($action="launch") &&
                         ($delivery_system="missile") &&
                         (($target="moscow") || ($target="london"))

---

• Prev by Date: Re: KeyNote draft available
• Next by Date: Missing credential from section 2 in previous message
• Prev by thread: last draft piece submitted
• Next by thread: Missing credential from section 2 in previous message
• Index(es):
  • Main
  • Thread