ietf-openpgp

Re: Principles and Principals

1997-09-25 17:10:20
At 11:05 PM 9/24/97 -0700, Patrick Richard wrote:

   The major problem with 'key-principal' architectures is the
   revocation problem.

   When my key is revoked/changed/upgraded/whathaveyou all bindings
   are lost.
   
I think the revocation problem is the major problem with *all* architectures. 
   
   If you develop a system that goes around this, then the key is
   not the principal...
   
I disagree. One of the things that I want to see in PGP is an
"I-used-to-be" certificate. With proper setup of one of those, you have a
key-as-principal system, but delegation of authority with transfer of
authority, it all flows.

        Jon



-----
Jon Callas                                         jon(_at_)pgp(_dot_)com
Chief Scientist                                    555 Twin Dolphin Drive
Pretty Good Privacy, Inc.                          Suite 570
(415) 596-1960                                     Redwood Shores, CA 94065
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
              665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)