From owner-spki@c2.net Tue Oct 27 11:35:43 1998 Received: from blacklodge.c2.net (blacklodge.c2.net [208.139.36.35]) by lox.sandelman.ottawa.on.ca (8.8.7/8.8.8) with ESMTP id LAA14765; Tue, 27 Oct 1998 11:35:41 -0500 (EST) Received: (from majordom@localhost) by blacklodge.c2.net (8.8.8/8.7.3) id HAA10872 for spki-outgoing; Tue, 27 Oct 1998 07:40:54 -0800 (PST) Message-Id: <199810271458.JAA15255@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce:; Cc: spki@c2.net From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-spki-cert-theory-03.txt Date: Tue, 27 Oct 1998 09:58:57 -0500 Sender: owner-spki@c2.net Precedence: bulk --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Simple Public Key Infrastructure Working Group of the IETF. Title : SPKI Certificate Theory Author(s) : C. Ellison, W. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen Filename : draft-ietf-spki-cert-theory-03.txt Pages : 45 Date : 26-Oct-98 The SPKI Working Group has developed a standard form for digital certificates whose main purpose is authorization rather than authentication. These structures bind either names or explicit authorizations to keys or other objects. The binding to a key can be directly to an explicit key, or indirectly through the hash of the key or a name for it. The name and authorization structures can be used separately or together. We use S-expressions as the standard format for these certificates and define a canonical form for those S-expressions. As part of this development, a mechanism for deriving authorization decisions from a mixture of certificate types was developed and is presented in this document. This document gives the theory behind SPKI certificates and ACLs without going into technical detail about those structures or their uses. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-spki-cert-theory-03.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-ietf-spki-cert-theory-03.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-spki-cert-theory-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <19981026140044.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-spki-cert-theory-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-spki-cert-theory-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19981026140044.I-D@ietf.org> --OtherAccess-- --NextPart--