[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "trust management" vs. "certified identity"

To: Cypherpunks Mailing List <[email protected]>
Subject: Re: "trust management" vs. "certified identity"
From: Jeff Weinstein <[email protected]>
Date: Sun, 07 Jan 1996 21:41:57 -0800
Organization: Netscape Communications Corporation
References: <[email protected]> <[email protected]>
Sender: [email protected]

Futplex wrote:

> Frank O'Dwyer writes:

> > Plus, given secure identity (which might be an anonymous id), you can
> > layer the other stuff on top.
> 
> I am swayed by the view expounded by Carl Ellison that a key, not an
> identity, should be the anchor to which attributes are attached. (Sorry if
> I am misstating or oversimplifying the position here.) I think identity
> should be hung off the key as just another (optional) attribute.

  This is exactly how I view X509 Version 3 certificates.  You can attach
any sort of attribute to the key, including a name/identity.  Though the
spec gives the name preferential treatment for historical reasons, I
view it as just another optional attribute.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

References:
- RE: "trust management" vs. "certified identity"
  - From: "Frank O'Dwyer" <[email protected]>
- Re: "trust management" vs. "certified identity"
  - From: [email protected] (Futplex)

Prev by Date: Encryption sales ban costs U.S. $60 billion
Next by Date: Re: Hammill 1987 speech
Prev by thread: Re: "trust management" vs. "certified identity"
Next by thread: RE: "trust management" vs. "certified identity"
Index(es):
- Date
- Thread