1996-01-17 - “trust management” vs. “certified identity”

Header Data

From: norm@netcom.com (Norman Hardy)
To: mab@research.att.com
Message Hash: bb6c838cd98659ce0d88cd1109d7f2ac8cb4a01ef04cb27f4f80d95e66bc7e6c
Message ID: <ad22cff3000210040087@DialupEudora>
Reply To: N/A
UTC Datetime: 1996-01-17 20:03:35 UTC
Raw Date: Thu, 18 Jan 1996 04:03:35 +0800

Raw message

From: norm@netcom.com (Norman Hardy)
Date: Thu, 18 Jan 1996 04:03:35 +0800
To: mab@research.att.com
Subject: "trust management" vs. "certified identity"
Message-ID: <ad22cff3000210040087@DialupEudora>
MIME-Version: 1.0
Content-Type: text/plain


This is reminiscent of a recent idea of mine. Imagine the following signed
declaration:

I (fingerprint = ...) claim that the code X with SH (secure hash) = ...
satisfies contract with SH= ... when its free code pointers are bound to
other code conforming to contracts identified within X by their SH's.

The contracts would be either formal or informal.

When a Java program arrives at a client it can warrant its services if it
finds local access to warranted sub-routines. (For this purpose behaviors
of objects are sub-routines.)

The Java loader can build warrants recursively with such declarations. They
would, of course, be relative to the reputation of signers of the above
declarations.

I have just sent for your paper.







Thread