Jeff Thompson is my hero. :-)
On first glance, this appears to give me a mechanism for casual
keys that I can use. The question is: will the rest of the
working group endorse it?
TIS/PEM has always supported this feature and will continue to do so.
An individual user may retrieve the software, build and install it, and
create a self-signed certificate the first time it is used. The
software is pre-configured (at distribution time) for this operation,
ie, you can retrieve it, edit the Makefile to set your platform, and
type "make".
When a user receives a certificate from another user, the received
certificate may have a flag set that is stored with the certificate
in the database. This flag indicates the certificate is "designated
valid". The user receiving the certificate chooses whether or not to
set the flag.
During certificate validation, when a "designated valid" certificate is
discovered the validation process halts at the point and returns the
certification path constructed up to that point.
With this feature, it is possible to support what is widely purported as
the PGP validation model: a user simply sets the flag on all received
certificates for which the public key has been verified by some
out-of-band mechanism (perhaps a phone call). Thus the certification
path is always of length 1.
It is also possible to support the RFC 1422 PEM hierarchy by setting
only the IPRA certificate to valid.
It should also be obvious that it is possible to support completely
disjoint hierarchies of certificates.
Jim