[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

KeyNote draft available, FYI

[I just sent this to the trustmgt@east.isi.edu list, but it may be
of interest to some here, so forgive me if you've already seen this.

We have just about finished what we believe is the "stable" version of
the KeyNote trust management language and reference implementation.
We expect to have the informational RFC describing the language
submitted sometime next week and the official reference implementation
available at about the same time.

I believe our design meets a wide range of requirements.  We are using
KeyNote for a number of interesting projects, as are some other
researchers and developers.

If you'd like an advance peek at what we're up to, I've put up a copy
of the draft for anonymous FTP at
This is a draft that's likely to change slightly before being
submitted, so please do not redistribue or mirror it.

We'd appreciate your comments, either to me directly or on the trustmgt

KeyNote is a small, flexible trust management system designed to be
especially suitable for Internet-style applications.  KeyNote provides
a single, uniform language for specifying security policies and
credentials, and can be used as an application policy description
language as well as as a format for public-key credentials.  KeyNote
is a joint project of M. Blaze, J. Fiegenbaum, J. Ioannidis, and
A. Keromytis.

The KeyNote language and implementation are virtually without
intellectual property constraints (as far as we know).  We have not
patented the KeyNote system or trust management generally (although of
course anyone, including us, could invent and patent some specific
novel application of trust management based on KeyNote).  We might
file a trademark on the name "KeyNote".  Other than that, you can just
use it.  The KeyNote reference implementation will be available under
a Berkeley-style open source license.

I welcome your comments on our design.