[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New drafts just submitted

To: Bill Frantz <frantz@communities.com>
Subject: Re: New drafts just submitted
From: Carl Ellison <cme@acm.org>
Date: Tue, 27 Oct 1998 20:14:24 -0800
Cc: Carl Ellison <cme@acm.org>, spki@c2.net
In-Reply-To: <3.0.32.19981027120810.00bcdde8@homer>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

At 12:09 PM 10/27/98 -0800, Bill Frantz wrote:
>Carl - I have had a chance to read thru the theory document.  It is the
>clearest exposition I have yet seen of the ideas.  Congratulations!  I
>particularly liked the summary of the delegation discussions.
>
>One typeo, and one gratuitous comment:
>
>>6.3 5-tuple Reduction Rules
>>
>>   The two 5-tuples:
>>
>>   <I1,S1,D1,A1,V1> + <I2,S2,D2,A2,V2>
>>
>>   yield
>>
>>      <I1,S2,D2,AIntersect(A1,A2),VIntersect(V1,V2)>
>>
>>   provided
>>
>>    the two intersections succeed,
>>
>>    I1 = S2
>>
>>   and
>>
>>    D1 = TRUE
>>
>>
>>   If S1 is a threshold subject, there is a slight modification to this
>>   rule, as described below in section 6.3.3.
>
>Shouldn't it say "S1 = I2" instead of "I1 = S2"?

Duh!

Thanks.


>
>>7.6 Key Revocation Service
>>
>>   ...
>>
>>   As the world moves to having all machines on-line all the time, this
>>   might be the user's machine.  However, until then -- and maybe even
>>   after then -- the user might want to hire some service to perform
>>   this function.  That service could run a 24x7 manned desk, to receive
>>   phone calls reporting loss of a key.  That authority would not have
>>   the power to generate a new key for the user, only to revoke a
>>   current one.
>
>Unless authorization for the revocation is carefully controlled, this is a
>wonderful opportunity for a denial of service attack.  I actually had the
>joy of being able to say to a person who had just described how their
>(mainframe) system disabled accounts after 3 invalid passwords, "Oh, how
>nice.  What is your user name?"

Yes -- if you don't passphrase (or voiceprint) protect that revocation
authorization.

 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3

iQCVAwUBNjaaHxN3Wx8QwqUtAQGkmQP/WUMQCOrGIu2kSniORhui7OL8WK0+i6Rn
AreAJcdqo8P9HQ8m8cjPW+2oTTeoRlQ1DAq93DV3+aA8B7josOI1JOAxPuHargr9
AVVuUnlmWKbnx9v0yo2akDraJHLynnSJRuS+9KZdYVttKUPJ1TBn2sYgDf4BUiaj
D/lgAbcaGXQ=
=ma3e
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+

References:

Re: New drafts just submitted

From: Bill Frantz <frantz@communities.com>

Prev by Date: Re: New drafts just submitted
Next by Date: Reconciling SDSI/SPKI with XML-Sig
Prev by thread: Re: New drafts just submitted
Next by thread: Pointer to new I-D
Index(es):
- Main
- Thread