pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

public assurance model and description

1993-12-30 14:06:00
from [P . Williams] [Permanent Link] 
Dusse:
 If the present assumption
(requirement ?) were removed that a PCA only certifies CAs, then there
could be residential PCAs which directly certify users without having
to follow the name subordination requirements. 

Crocker:
If it's possible to open up the model without destroying it entirely,
I think the community would be well served.

I've proposed one model for doing this which is to have each
implementation hold not just one but a set of certification roots, and
to have a separate method of inserting these roots into the local
store.  Under this view, the PCAs, not the IPRA, are the roots of the
certification paths.  The IPRA can then be viewed as a speaker who
authorizes the insertion of new PCAs into the local store.  There
might exist other methods of inserting roots, e.g. manually.

Kent: 
        I'm still waiting for the complete description of the
semantics for the proposed alternative certificatin system you
periodically allude to.  Not just...



See cs.ucl.ac.uk:password/r25.ps for a model and description and
statement ofthe security properties of a possible "public trust model"
which embraces, but is not limited to PEM 1422. The document was produced
by the University of Cambridge Security people, the major author being Mike Roe.

Mike is a member of PSRG, and I therefore presume that this document has done
the rounds there. I dont believe it is intended as a subsitute for 1422, but
it is well worth reading for gaining understanding of the issues of
certification in the context of scalable, secure messaging protocols, 
authentication
protocols, and key distribution based on RSA.

The issues addressed in the public trust model refelcted the needs to operate 
multiple
protocols upon the trust hierarchy, reflect political reality, embrace both
network-wide identity generation, and provider-service specific identity 
management.

Specfically, it address the notion of PCAs signing not-CA entities, multiple 
roots,
assurance-based key distribution, and community-of-interest key distribution. 
Therefore
I see this reference as a valid input to the PEM WG discussion.
Lets be clear, however, that we are not talking about modifying PEM; only, that 
PEM
may be seen as being a component of a public trust system being postulated.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Naming and other hard problems, Steve Dusse
Next by Date:  Re: public assurance model and description, Steve Kent
Previous by Thread:  Naming and other hard problems, jueneman%wotan
Next by Thread:  Re: public assurance model and description, Steve Kent
Indexes:  [Date] [Thread] [Top] [All Lists]