[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
Let me explain something to this list which seems to be totally missed.
A certficate is a digital form of ones key, ones identity and ones
privileges within a domain as defined by the key issuer of that domain.
Its like my amex works in an amex domain, my visa in the visa domain, mt
qantas club in the quantas club domain, etc.. ie a certficate is a
currency for a service within a domain.
The government departments want to manage people electronically to
reduce the cost of operation, thats like amex asking one to have a
credit card to do electronic transactions instead of carrying cash
arround.
ie there is a component of "tracking" and loss of "privicay but that is
offset by choice for the cashflow, credit and billing conveneience.
The governments of this world want to provide their staff WHERE REQUIRED
a token that permits them to do business on behalf of the govenment - so
that things can be tracked and managed.
The same will apply to the customers of the government WHERE
APPROPRIATE.. And the govt will set up PKI functions for its domains of
certificates - not for everything in every context.
So one should not condemn functions such as X.500/X.509 and PKIs with
the policy on how its used. Its usage has advantages and disadvantages -
But saying a govt card will be used to track the web pages you read is
far fetched.. Just read those without naming yourself - thats all.
Hope this helps.
regards alan
----------
From: Ian Brown
To: Alan Lloyd; 'Carl Ellison '
Cc: spki
Sent: 7/26/98 9:29:39 PM
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
> Feds want a digital certificate in every pot
And regardless of other issues, I know I would rather live in a SPKI
world than one with the great privacy implications of a govt.-issued
"e-passport."
I would *love* the government to know every Web page I ever read or
purchase I ever made.
Ian.
From ???@??? Wed Aug 12 19:18:47 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id SAA26794
for <cme@clark.net>; Sun, 26 Jul 1998 18:51:50 -0400 (EDT)
Received: from dsg1.OpenDirectory.com.au ([203.108.249.145]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id SAA28336 for <cme@acm.org>; Sun, 26 Jul 1998 18:42:45 -0400
Received: by DSG1 with Internet Mail Service (5.0.1458.49)
id <PVWD70YM>; Mon, 27 Jul 1998 08:49:22 +1000
Message-ID: <D1A949D4508DD1119C8100400533BEDC060775@DSG1>
From: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>
To: "''Carl Ellison ' '" <cme@acm.org>, "'Ian Brown '" <I.Brown@cs.ucl.ac.uk>
Cc: "'spki '" <spki@c2.net>
Subject: RE: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
Date: Mon, 27 Jul 1998 08:49:21 +1000
X-Priority: 3
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.0.1458.49)
Content-Type: text/plain
Status: O
Let me explain something to this list which seems to be totally missed.
A certficate is a digital form of ones key, ones identity and ones
privileges within a domain as defined by the key issuer of that domain.
Its like my amex works in an amex domain, my visa in the visa domain, mt
qantas club in the quantas club domain, etc.. ie a certficate is a
currency for a service within a domain.
The government departments want to manage people electronically to
reduce the cost of operation, thats like amex asking one to have a
credit card to do electronic transactions instead of carrying cash
arround.
ie there is a component of "tracking" and loss of "privicay but that is
offset by choice for the cashflow, credit and billing conveneience.
The governments of this world want to provide their staff WHERE REQUIRED
a token that permits them to do business on behalf of the govenment - so
that things can be tracked and managed.
The same will apply to the customers of the government WHERE
APPROPRIATE.. And the govt will set up PKI functions for its domains of
certificates - not for everything in every context.
So one should not condemn functions such as X.500/X.509 and PKIs with
the policy on how its used. Its usage has advantages and disadvantages -
But saying a govt card will be used to track the web pages you read is
far fetched.. Just read those without naming yourself - thats all.
Hope this helps.
regards alan
----------
From: Ian Brown
To: Alan Lloyd; 'Carl Ellison '
Cc: spki
Sent: 7/26/98 9:29:39 PM
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
> Feds want a digital certificate in every pot
And regardless of other issues, I know I would rather live in a SPKI
world than one with the great privacy implications of a govt.-issued
"e-passport."
I would *love* the government to know every Web page I ever read or
purchase I ever made.
Ian.
From ???@??? Wed Aug 12 19:18:50 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id TAA02172
for <cme@clark.net>; Sun, 26 Jul 1998 19:16:35 -0400 (EDT)
Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id TAA34742; Sun, 26 Jul 1998 19:07:34 -0400
Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id QAA18998 for spki-outgoing; Sun, 26 Jul 1998 16:03:59 -0700 (PDT)
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
Message-ID: <D1A949D4508DD1119C8100400533BEDC060776@DSG1>
From: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>
To: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>,
"'Perry E. Metzger '"
<perry@piermont.com>
Cc: "'spki@c2.net '" <spki@c2.net>
Subject: RE: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
Date: Mon, 27 Jul 1998 09:02:39 +1000
X-Priority: 3
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.0.1458.49)
Content-Type: text/plain
Sender: owner-spki@c2.net
Precedence: bulk
Status: O
Person A says - this document specifies a Simple PKI..
Person B says - no it does not - specifies how to hash a signature and
make a number of it.
Person A says - this is a pointless argument.
Person B says - When is a PKI not a PKI - when it S in front of it.
Or Cant wait to see the "infrastructure" part - PKIs are about
managaging public keys (not private ones) with an infrastructure that
uses X.509 certs attached to named entities in directories (X.500) which
are distributed object oriented name based transaction systems..
whats the simple approach - no directories, no certficates, therefore no
issuers, no trust and no management...
magic
why not call it PKPI - pointless PKI.
regards alan
----------
From: Perry E. Metzger
To: Alan Lloyd
Cc: spki@c2.net
Sent: 7/27/98 8:30:09 AM
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
Alan Lloyd writes:
> Perry, fine by me. The unfortunate fact is that the IT industry sees
> "simple PKI" and expects that to do the job of a real one.
It is my opinion that it would, but I believe we've already been
through that. The purpose of this list is not (currently) to have
pointless arguments that won't end anywhere. I'd like to end this now.
Perry
From ???@??? Wed Aug 12 19:18:52 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id TAA03141
for <cme@clark.net>; Sun, 26 Jul 1998 19:20:24 -0400 (EDT)
Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id TAA43398; Sun, 26 Jul 1998 19:11:25 -0400
Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id QAA19054 for spki-outgoing; Sun, 26 Jul 1998 16:07:28 -0700 (PDT)
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
Message-Id: <199807262306.TAA17625@jekyll.piermont.com>
To: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>
cc: spki@c2.net
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
In-reply-to: Your message of "Mon, 27 Jul 1998 08:49:21 +1000."
<D1A949D4508DD1119C8100400533BEDC060775@DSG1>
Reply-To: perry@piermont.com
X-Reposting-Policy: redistribute only with permission
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
Date: Sun, 26 Jul 1998 19:06:32 -0400
From: "Perry E. Metzger" <perry@piermont.com>
Sender: owner-spki@c2.net
Precedence: bulk
Status: O
Alan Lloyd writes:
> Let me explain something to this list which seems to be totally missed.
No, it hasn't been missed.
As I've stated several times now, this argument has occurred before,
and there is no wish to have it again.
For the last time, please stop now.
Perry
From ???@??? Wed Aug 12 19:18:54 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id TAA03396
for <cme@clark.net>; Sun, 26 Jul 1998 19:21:35 -0400 (EDT)
Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id TAA20192; Sun, 26 Jul 1998 19:12:34 -0400
Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id QAA19067 for spki-outgoing; Sun, 26 Jul 1998 16:09:00 -0700 (PDT)
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
Message-Id: <199807262308.TAA17633@jekyll.piermont.com>
To: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>
cc: spki@c2.net
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
In-reply-to: Your message of "Mon, 27 Jul 1998 09:02:39 +1000."
<D1A949D4508DD1119C8100400533BEDC060776@DSG1>
Reply-To: perry@piermont.com
X-Reposting-Policy: redistribute only with permission
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
Date: Sun, 26 Jul 1998 19:08:14 -0400
From: "Perry E. Metzger" <perry@piermont.com>
Sender: owner-spki@c2.net
Precedence: bulk
Status: RO
Alan Lloyd writes:
> why not call it PKPI - pointless PKI.
Mr. Lloyd, as co-chair of the working group, I am asking you to
stop now. I will not have the mailing list filled with a pointless
argument. If you do not wish to use the output of this working group,
you are free not to. You are not, however, free to disrupt it.
.pm
From ???@??? Wed Aug 12 19:18:57 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id TAA06040
for <cme@clark.net>; Sun, 26 Jul 1998 19:34:20 -0400 (EDT)
Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id TAA04094; Sun, 26 Jul 1998 19:25:19 -0400
Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id QAA19179 for spki-outgoing; Sun, 26 Jul 1998 16:20:46 -0700 (PDT)
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
Message-Id: <3.0.3.32.19980726231803.008bfc50@127.0.0.1>
X-Sender: smb@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32)
Date: Sun, 26 Jul 1998 23:18:03 +0000
To: perry@piermont.com
From: "Steven M. Bellovin" <smb@research.att.com>
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
Cc: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>, spki@c2.net
In-Reply-To: <199807262308.TAA17633@jekyll.piermont.com>
References: <Your message of "Mon, 27 Jul 1998 09:02:39 +1000." <D1A949D4508DD1119C8100400533BEDC060776@DSG1>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-spki@c2.net
Precedence: bulk
Status: O
At 07:08 PM 7/26/98 -0400, Perry E. Metzger wrote:
>
>Alan Lloyd writes:
>> why not call it PKPI - pointless PKI.
>
>Mr. Lloyd, as co-chair of the working group, I am asking you to
>stop now. I will not have the mailing list filled with a pointless
>argument. If you do not wish to use the output of this working group,
>you are free not to. You are not, however, free to disrupt it.
As the other co-chair, I agree with Perry. SPKI is based on certain
fundamental assumptions. You're welcome to disagree with those
assumptions -- but this list, at this point in the process, is not
an appropriate place to debate them.
Please stop this discussion *now*.
--Steve Bellovin
From ???@??? Wed Aug 12 19:19:01 1998
Received: from mail.acm.org (mail.acm.org [199.222.69.4])
by ice.clark.net (8.8.8/8.8.8) with ESMTP id TAA09662
for <cme@clark.net>; Sun, 26 Jul 1998 19:47:48 -0400 (EDT)
Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by mail.acm.org (8.8.5/8.7.5) with ESMTP id TAA37170; Sun, 26 Jul 1998 19:38:47 -0400
Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id QAA19293 for spki-outgoing; Sun, 26 Jul 1998 16:35:35 -0700 (PDT)
X-Authentication-Warning: blacklodge.c2.net: majordom set sender to owner-spki@c2.org using -f
Message-Id: <199807262335.TAA02018@istari.sandelman.ottawa.on.ca>
To: Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au>
CC: spki@c2.net
Subject: Re: FW: comments on <draft-ietf-spki-cert-theory-02.txt>
In-reply-to: Your message of "Mon, 27 Jul 1998 08:49:21 +1000."
<D1A949D4508DD1119C8100400533BEDC060775@DSG1>
Date: Sun, 26 Jul 1998 19:35:14 -0400
From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
Sender: owner-spki@c2.net
Precedence: bulk
Status: O
>>>>> "Alan" == Alan Lloyd <Alan.Lloyd@OpenDirectory.com.au> writes:
Alan> Let me explain something to this list which seems to be totally missed.
Alan> A certficate is a digital form of ones key, ones identity and ones
Alan> privileges within a domain as defined by the key issuer of that
Alan> domain.
That is an X.500-type definition.
[I refrain from calling it an X.509v3-type definition since I know that
X.509v3 has gotten over this as well.]
SPKI rejects the X.500-type definition and says that a certificate is
something authorizes some verifier defined action. The exact text is
(from cert-req-01.txt)
Background
The term certificate traces back to the MIT bachelor's thesis of
Loren M. Kohnfelder [KOHN]. Kohnfelder, in turn, was responding to a
suggestion by Diffie and Hellman in their seminal paper [DH]. Diffie
and Hellman noted that with true public key cryptography, one no
longer needs a secure channel over which to transmit secret keys
between communicants. Instead, one can publish a modified telephone
book -- one with public keys in place of telephone numbers. Diffie
and Hellman went on to propose that such a directory could be on-line
and maintained by a trusted source. One could then look up his or
her desired communication partner in the directory, find that
person's public key and open a secure channel to that person.
Kohnfelder took that suggestion and noted that an on-line service has
the disadvantage of being a performance bottleneck. To replace it,
he proposed creation of digitally signed directory entries which he
called certificates. In the time since 1978, the term certificate
has frequently been assumed to mean a binding between name and key.
The SPKI team directly addressed the issue of <name,key> bindings and
realized that such certificates are of extremely limited use for
trust management. A keyholder's name is one attribute of the
keyholder, but as can be seen in the list of needs in this document,
a person's name is rarely of security interest. A user of a
certificate needs to know whether a given keyholder has been granted
some specific authorization.
If you don't accept this point, then SPKI isn't for you, end of discussion.
:!mcr!: | Network and security consulting/contract programming
Michael Richardson | Firewalls, TCP/IP and Unix administration
Personal: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available.
Corporate: <A HREF="http://www.sandelman.ottawa.on.ca/SSW/">sales@sandelman.ottawa.on.ca</A>.
ON HUMILITY: To err is human, to moo bovine.