[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: X.509 ACs vs. SPKI?
In the (exceptional?) case where two identical public keys are generated
independently, and both happen to attempt access to the same resource,
then the hash of the entire cert is a must for uniqueness.
Aside from this condition, however, the hash of the public key is
sufficient for (classic) SPKI operation where verifier = issuer
(at least for chains of length 1).
OK, that doesn't get one very far ... I can't see how to leverage the
same assurance for longer chains.
At 08:55 PM 5/25/99 -0700, Ed Gerck wrote:
>"Ellison, Carl M" wrote:
>> ... for secure binding,
>> the hash of the public key is a fine globally unique identifier and an
>> unanchored text name is wide open to abuse.
>I disagree. The hash of the public-key is also open to abuse since it
>does not securely include that key's validity date, does not include an
>originally secure reference to a valid revocation mechanism linked to
>the identity certificate from whence that public-key came and cannot
>contain other warranties or insurance by extension from the identity
>certificate itself. Please see my former e-mail.
>However, I agree if one uses the whole identity certificate hash -- not
>the public-key hash. This was also discussed in my former e-mail.
Tony Bartoletti LL
Center for Information Operations and Assurance LL LL
Lawrence Livermore National Laboratory LL LL LL
PO Box 808, L - 303 LL LL LL
Livermore, CA 94551-9900 LL LL LLLLLLLL
phone: 925-422-3881 fax: 925-423-8002 LL LLLLLLLL
email: email@example.com LLLLLLLL