[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-CARM] PKI, CAs, TTPs &c.

To: spki@c2.net
Subject: Re: [E-CARM] PKI, CAs, TTPs &c.
From: dpkemp@missi.ncsc.mil (David P. Kemp)
Date: Mon, 6 Apr 1998 12:14:27 -0400
Sender: owner-spki@c2.net

> From: Ben Laurie <ben@algroup.co.uk>
>
> Saying "my key uniquely identifies me" strikes me as reasonably valid
> (with some provisos), whereas saying "my pen uniquely identifies me" is
> (usually) nonsense.
> 
> Now, if you want to argue about whether a unique identifier can
> reasonably be called a name, there may be some grounds for that
> argument. But I can't see that it is in the slightest interesting.

Debating whether a unique identifier can be called a name is indeed
sterile and uninteresting.  Assume for the moment that it can.  Then
we have:

A key is a unique identifier:               True
A unique identifier can be called a name:   True
A key should be used as a name:             Non-sequitur, and IMHO, False.


A security mechanism exists not as an end in itself, but to protect some
existing practice.  Every practice uses some form of identification
for its principals - email goes between RFC822 (or X.411 or proprietary)
email addresses, Internet packets go between IP addresses, financial
transactions go between account numbers of some sort, etc.

The argument that Common Names are not unique, can change, etc, is
entirely specious.  To avoid going over that ground for the two thousand
and first time, perhaps we should avoid using the word "Name" entirely,
and instead use something like "Subject Unique Identifier" or UID.

X.509's thesis is that principals have an existence separate from, and
extending beyond the lifetime of, any cryptographic keys they may use.
And that if one is providing security to an existing practice, one
should use "names" from the domain of that practice.  X.509 defines
nine different name forms (including RFC822Name, EDIPartyName, and
IPAddress), and the list can be extended if necessary.

SPKI's thesis, that the key is (the Unique Identifier of) the
prinicipal, is simply backwards.  It focuses on the security mechanism
itself, instead of the practice which is being protected.  And it
causes unnecessary problems when keys are changed.

To quote Ben again,

> Now, if you want to argue about whether a unique identifier
     (read IPAddress in this context)
> can reasonably be called a name, there may be some grounds for that
> argument. But I can't see that it is in the slightest interesting.

Amen, brother.

Follow-Ups:

Re: [E-CARM] PKI, CAs, TTPs &c.

From: "Perry E. Metzger" <perry@piermont.com>

Prev by Date: Re: slides from WG meeting, 31 Mar 98
Next by Date: Re: [E-CARM] PKI, CAs, TTPs &c.
Prev by thread: Re: [E-CARM] PKI, CAs, TTPs &c.
Next by thread: Re: [E-CARM] PKI, CAs, TTPs &c.
Index(es):
- Main
- Thread