[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: X.509 ACs vs. SPKI?

Ed Gerck wrote:
> "Ellison, Carl M" wrote:
> > ... for secure binding,
> > the hash of the public key is a fine globally unique identifier and an
> > unanchored text name is wide open to abuse.
> I disagree. The hash of the public-key is also open to abuse since it
> does not securely include that key's validity date, does not include an
> originally secure reference to a valid revocation mechanism linked to
> the identity certificate from whence that public-key came and cannot
> contain other warranties or insurance by extension from the identity
> certificate itself.  Please see  my former e-mail.
> However, I agree if  one uses the whole identity certificate hash -- not
> the public-key hash. This was also discussed in my former e-mail.

It is not clear to me that you would want to revoke an identifier.  An
identifier is just a byte string.  The hash of the public key is a byte
string that you know is globally unique and is tied 1:1 with a private

It is the attributes of that identifier you might want to revoke, whether
that would be identity information (e.g., a SDSI name) or some permission
to act.  You might want to revoke it, for example, because you have
discovered that the private key is no longer controlled by only a single
person.  However, even if the private key were published on sci.crypt,
the hash of the public key remains an identifier associated with that
private key.

 - Carl

 Carl M. Ellison   cme@alum.mit.edu     http://www.pobox.com/~cme
 PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2
 ``Officer, officer, arrest that man!  He's whistling a dirty song.''
     [Jean Ellison]

Follow-Ups: References: