[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: KeyNote draft available
Ben Laurie writes:
> E. Gerck wrote:
> > Eaach tool has its domain of use and one may have all sorts of
> > different nails. The fact that X.509 does not cover all nails does
> > not mean that it does not hammer in the nails it was designed to
> > handle. In other words, as my first msg on this topic, if you
> > can restrict the problems to set = A then you are doing a better
> > job then not restricting anything -- which effectively makes
> > A = Universe (in set theory).
> This just does not cut it. If people can give away their, err, whatever
> it is that they're not supposed to give away outside the electronic
> domain, then they can give it away. No amount of waffle about nails and
> sets will fix that.
My argument above was macroscopic. However, it is not hard to present
microscopic arguments to the same effect, of course.
First, not all actors on the Internet are people -- which means that
not all actors have free will, even though they can ALL have errand
behavior. So, since it can't be proved whether a given complex piece
of software is 100% error-free or not then it is simple logic to
constrain behavior in "security shells". Avoiding indefinite
delegation is a security shell and if we can judge by the recent
errata to the KeyNote draft alone, a shell that is certainly needed
even when one's work is restricted to boolean expressions...
Second, human behavior itself has motivated the need to control
delegation in mandates (for example, a proxy that has been delegated
authorization to represent Bob in a marriage with Alice within the
next month, usually ;-) cannot re-delegate to Bill, cannot re-assign
the marriage to Malice and cannot do it ten years from now. If that
has been found socially necessary, then I see no reason to forget
about it when authorizations represent mandates in the digital world.
Third, not ALL people CAN express their free-will to do, err, whatever
they desire in the Internet. And, that is good so -- even though
hackers can do a lot of what their free-will desires. So, does this
mean that you will grant super-user access to anyone telneting as
anonymous and then just persecute the miscreants?
If you do, then at least you can say your site is hacker-free ;-)
Dr.rer.nat. E. Gerck firstname.lastname@example.org
--- Visit the Meta-Certificate Group at http://www.mcg.org.br ---