[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: X.509 ACs vs. SPKI?
Ed Gerck wrote:
>
> "Ellison, Carl M" wrote:
>
> > ... for secure binding,
> > the hash of the public key is a fine globally unique identifier and an
> > unanchored text name is wide open to abuse.
>
> I disagree. The hash of the public-key is also open to abuse since it
> does not securely include that key's validity date, does not include an
> originally secure reference to a valid revocation mechanism linked to
> the identity certificate from whence that public-key came and cannot
> contain other warranties or insurance by extension from the identity
> certificate itself. Please see my former e-mail.
>
> However, I agree if one uses the whole identity certificate hash -- not
> the public-key hash. This was also discussed in my former e-mail.
>
It is not clear to me that you would want to revoke an identifier. An
identifier is just a byte string. The hash of the public key is a byte
string that you know is globally unique and is tied 1:1 with a private
key.
It is the attributes of that identifier you might want to revoke, whether
that would be identity information (e.g., a SDSI name) or some permission
to act. You might want to revoke it, for example, because you have
discovered that the private key is no longer controlled by only a single
person. However, even if the private key were published on sci.crypt,
the hash of the public key remains an identifier associated with that
private key.
- Carl
--
Carl M. Ellison cme@alum.mit.edu http://www.pobox.com/~cme
PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2
``Officer, officer, arrest that man! He's whistling a dirty song.''
[Jean Ellison]
Follow-Ups:
References: