[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: KeyNote draft available

Matt Blaze, <mab@research.att.com>, writes:
> Yes, that's right.  If you allow delegation at all, nothing in the current
> KeyNote semantics limits the extent of the delegation permitted.
> I think this is a reasonable limitation, but if anyone can come up with
> a non-wildly-hypothetical application that this breaks, I'd be willing
> to add  some mechanism do deal with this case.  (Actually, I'd suggest
> that applications that require such complex policies should probably
> use PolicyMaker, which handles such things reasonably easily).

The CA application is a bit unusual, in that the power which is being
granted to the CA is the power to certify other keys.  So it inherently
involves delegation, unlike, say, the power to access a particular file.
It can therefore be delegated arbitrarily farther.

To the extent that KeyNote is designed to support PKI applications, as
the document suggests, you might consider how delegation is supported
in various candidates for PKIs.

X.509v3 has the concept of a pathLenConstraint which limits the
depth to which a CA may delegate authority.  CAs can be constrained to
be only able to certify end user keys, or they can be the front of a
CA chain with some specified length limit.

PGP originally did not allow delegation of authority to certify, but in
recent versions has introduced the "meta introducer certificate" which
allows a specified depth of delegation.  Using this, users can give a key
authority not only to certify other keys, but to certify other certifiers.

SPKI at one time discussed the idea of limiting delegation depth in
various ways, but it became complicated and now it has just binary

Carl has collected a very interesting set of example uses of certificates
in http://www.clark.net/pub/cme/reqts.txt.  Some of them would be best
expressed by limited delegation, as with:

   - My bank would need a certificate, proving to others that it is a
     bank capable of cashing electronic checks and permitted to give
     permission to people to write electronic checks.

We have a bank which is only supposed to delegate check-writing authority
one level, to end users.  But with SPKI and KeyNote I think this would
require giving the bank the ability to delegate that power arbitrariy,
if it chose.

Experience with SPKI will help to judge whether binary delegation is
sufficient for most uses.  It is an attractive and elegant approach and
deserves a trial.

Hal Finney