[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: May I ask a favor of you?


At 08:21 PM 11/3/98 +0900, =?euc-kr?B?wMzAusij?= wrote: 
>I'm a graduate student in Soongsil Univ. in Korea.
>My major is computer vision, so I don't know much about this area.
>By the way I have to introduce spki in my class(data communication 
>I want to know about spki to the detail.
>These are things I want to know.
>    - difference and relation between spki and pki

This should be covered in the theory draft.  The summary is that the last 20 
years of PKI work was concerned with binding names to keys, and providing 
those in a global directory.  SPKI rejects the global name to key bindings 
and directories as irrelevant at best and a security problem at worst.

>    - examples of spki in actual life

None yet.

>    - things important or interesting related with spki

SPKI introduced public keys as natural IDs of keyholders and focussed on 
certificates as answering what a keyholder is allowed to do, not who the 
keyholder is (as in what name the keyholder has).

Delegation of these authorization certificates was also introduced by SPKI.

>    - materials on spki besides internet-drafts

There are several published papers and more in the works.  I do not keep a 
bibliography, but probably should.

>    - what is the result of spki specifications submitted as an RFC?

Still pending the submission of the full set of final drafts.  Only the 
first 2 of 4 have been so far.

>    - what is spki working group doing nowadays?

Winding down -- so we can go on to the real work: getting applications 
changed to use authorization certs.

 - Carl

Version: PGP for Personal Privacy 5.5.3


|Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+