[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question


At 07:54 PM 4/29/99 +0200, JoanMa Mas Ribés wrote:
>I've started implementing a SPKI toolbox in Java, and right now I've a 
>(which won't be the last) about comparing principals.
>If I've understood it correctly, the field <uris> in a public key is used to
>point where you can get certificates on that key, right? I guess that the
><uris> field in the hash has the same purpose, when this hash is of a public
>The question is, how do I compute the hash of a public key? I mean, should
>take the s-expression representing the whole key (uris included)? If so, 
>I copy the <uris> field from the key into the hash? 
>And when comparing principals for "samePrincipalAs", do I take into account
>also the <uris> field? If the answer is yes, then a principal is not only a
>public key or hash, but also the <uris>, which has the problem that we'd 
have 2
>different principals represented by the same key but with different <uris>
>And if not, then computing the hashing of a public key is a special case in
>SPKI (it'd only be some more lines of code), which would first remove the
><uris> field in the public key, compute the hash and add <uris> in the hash.
>I hope I made myself clear. Thanks a lot in advance.

Yes, the hash of a public key is the hash of a canonical S-expression 
holding the public key.  So, just alling it the key hash is slightly 
misleading.  It is a placekeeper.  You could have put the whole public key 
S-expression there, but if the other party already has that S-expression, 
then you can save space by using just the hash of it.

Comparing principals, on the other hand, should be comparison of the key 
parameters.  The question there (e.g., for tuple reduction) is whether K1 is 
the same key that made a given digital signature.

Version: PGP 6.5


|Carl M. Ellison         cme@acm.org     http://www.pobox.com/~cme |
|    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+