
Re: X.509 ACs vs. SPKI?



Terry Hayes wrote:
> 
> Denis Pinkas wrote:
[snip]
> > A user may have two public key certificates with two different names but with
> > the same public key. In that case it is not always possible to know with which
> > of the two certificates the AC is associated.
> 
> I believe that this is the point.  The AC would be associated with the key, not
> with any specific certificate.  Yes, that means there is no published expiration
> time for the key, no way to check revocation (except perhaps with the keyholder),
> and no way to associate a global name with it.  The last time I checked, it was
> still possible to use key pairs without having a certificate associated with them!
> :)
> 
> Validity time, and revocation services would only apply to the AC itself in this
> environment.

In SPKI, we distinguish between the terms "attribute cert" and "authorization
cert".

When I give talks on this subject, I draw a triangle whose vertices
are labeled Name, Permission and Key.  (I draw it with name on top and
key on the right.)

The goal for us application developers is to map a Permission to a Key,
but we can go from left to right in two different ways.

We can take an authorization cert directly from Permission to Key or
we can take a pair of certs:  attribute cert from Permission to Name and
id cert from Name to Key.

To do that latter path, you have to identify the Name in a globally
unique way.  Since there are no globally unique (i.e., distinguished)
textual names and there never will be (IMHO), we choose to make
names unique by using what we call a Fully Qualified name:

	(name <key> n_1 n_2 ... n_k)

where <key> is the public key (or its hash) of a name issuer.  In the
X.509 world, this is the root key of a hierarchy.

n_i are the names from that (root) key to the particular name we
care about.  In X.509, this would be the names of the CAs en route from
the root key to the leaf name.  In SPKI, it's a SDSI name chain.
The two are equivalent, from the point of view of the authorization
computation.

What I was trying to say about X.509 ACs was that a form that turns it
into an authorization certificate can be interpreted unambiguously, but
if you want to use it as an attribute certificate, it's missing the ability
to specify a Fully Qualified name.

 - Carl


-- 
 Carl M. Ellison   cme@alum.mit.edu     http://www.pobox.com/~cme
 PGP: E0414C79B5AF36750217BC1A57386478 & 61E2DE7FCB9D7984E9C8048BA63221A2
 ``Officer, officer, arrest that man!  He's whistling a dirty song.''
     [Jean Ellison]
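The Fully Qualified name `(name <key> n_1 n_2 ... n_k)` and the two paths around Carl's triangle (Permission straight to Key, or Permission to Name and then Name to Key via a SDSI name chain), as an added Python example that is not code from this thread or from any SPKI implementation; keys are stand-in strings, the certs are constructed, and no signatures are verified:

```python
from dataclasses import dataclass
from typing import Tuple, Union

@dataclass(frozen=True)
class FQName:          # SPKI fully qualified name: (name <key> n_1 n_2 ... n_k)
    key: str           # public key (or hash) of the name issuer; a stand-in string here
    names: Tuple[str, ...]

@dataclass(frozen=True)
class NameCert:        # SDSI name definition / "id cert": issuer says local name -> subject
    issuer: str
    name: str
    subject: Union[str, FQName]   # a key, or another name to be resolved in turn

@dataclass(frozen=True)
class PermCert:        # Permission -> Key (authorization cert) or Permission -> Name (attribute cert)
    issuer: str
    permission: str
    subject: Union[str, FQName]

def resolve_name(fqn, name_certs, depth=0):
    """Reduce (name <key> n_1 ... n_k) to the set of keys it denotes, one label at a time."""
    if not fqn.names:
        return {fqn.key}
    if depth > 16:                  # guard against cyclic name definitions
        return set()
    keys = set()
    for c in name_certs:
        if c.issuer == fqn.key and c.name == fqn.names[0]:
            sub = c.subject if isinstance(c.subject, FQName) else FQName(c.subject, ())
            for k in resolve_name(sub, name_certs, depth + 1):
                keys |= resolve_name(FQName(k, fqn.names[1:]), name_certs, depth + 1)
    return keys

def keys_for_permission(permission, trusted_key, perm_certs, name_certs):
    """Both legs of the triangle: direct Permission->Key, or Permission->Name->Key."""
    keys = set()
    for c in perm_certs:
        if c.issuer != trusted_key or c.permission != permission:
            continue
        keys |= resolve_name(c.subject, name_certs) if isinstance(c.subject, FQName) else {c.subject}
    return keys

# Constructed sample: K_root names its CA "ca", which names "alice"; an unrelated
# key K_other also defines "alice", which the key anchor keeps distinct.
NAME_CERTS = [NameCert("K_root", "ca", "K_ca"), NameCert("K_ca", "alice", "K_alice"),
              NameCert("K_other", "alice", "K_carol")]
PERM_CERTS = [PermCert("K_root", "print", FQName("K_root", ("ca", "alice"))),   # attribute cert
              PermCert("K_root", "reboot", "K_bob")]                            # authorization cert
```

Without the leading key, the bare label "alice" would be ambiguous between K_alice and K_carol, which is the gap Carl describes in an X.509 AC used as an attribute certificate.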
