SPKI's CRC (was Re: New Policy: a Labour Party U-turn)
Carl Ellison
cme at cybercash.com
Tue, 28 Apr 1998 11:10:23 -0400
-----BEGIN PGP SIGNED MESSAGE-----
At 12:50 PM 4/28/98 +0100, Richard Watts wrote:
> Actually, I think you can probably do it :
>
> 1. Where a signature is not covered by the certificate of an
>Approved Service Provider, it may not be used as evidence of the
>existence of a contract, or of the identity of the signature
>owner.
At the risk of treating satire seriously, ... :)
SPKI's CRC requires that the user of the CRC have authorized the issuer of
the CRC to delegate authorization to other keys. The subject key, in a CRC,
belongs to a keyholder completely unknown to the signer of the CRC. The
certificates by which that subject was introduced to the CRC issuer are
hidden in the process, so the issuer of the CRC is being trusted to vouch
correctly for the subject.
In other words, this looks exactly like any other certificate...only there's
no contact between issuer and subject from which one might derive tracking
information, private keys, etc.
Of course, identity of the signature owner (the keyholder) is rarely at
issue since names are generally useless. Rather, the CRC will convey that
portion of Identity that is at issue: permission to perform some action or
demand some action.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQCVAwUBNUXxXhN3Wx8QwqUtAQEnowP/aKvYnpOheEwgOWqvFX2OUeQGPlernYZm
0c3SC4MBecAFRBREJcsSXd1DBAyHMT03dr/pEBvSSbhmZsvmMHBTqJ6nOJnTuIjy
nz/GNjSAJhvQSg8SazFYjknuBCssshx/CrdLE+Zb2f1JOVOKBJNU6raaXdw39vqm
yeas1WR886Q=
=R09h
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+