1996-01-06 - Re: Revoking Old Lost Keys

Header Data

From: Alex Strasheim <cp@proust.suba.com>
To: mab@crypto.com (Matt Blaze)
Message Hash: 28de5a5d9bd225e5cbdff9b5206371f2b2983ba695148f063557c17a6c2373bd
Message ID: <199601061748.LAA06159@proust.suba.com>
Reply To: <199601061626.LAA06345@crypto.com>
UTC Datetime: 1996-01-06 18:12:10 UTC
Raw Date: Sun, 7 Jan 1996 02:12:10 +0800

Raw message

From: Alex Strasheim <cp@proust.suba.com>
Date: Sun, 7 Jan 1996 02:12:10 +0800
To: mab@crypto.com (Matt Blaze)
Subject: Re: Revoking Old Lost Keys
In-Reply-To: <199601061626.LAA06345@crypto.com>
Message-ID: <199601061748.LAA06159@proust.suba.com>
MIME-Version: 1.0
Content-Type: text


> Note that the problem here is in the basic trust model, not just the
> certificate distribution model (which is a separate problem).  The lack of
> ability for a certifier to revoke his own certification, plus the lack of a
> facility to put limits on the duration and meaning of the certification,
> make PGP certificates of very limited practical value.

Isn't the last bit here, the part about duration and meaning, the 
practical answer to the problem?  Especially duration?

The stuff that's been going on lately with Netscape's browsers, Sameer's
apache ssl server, and the difficulty of getting CAs like verisign to
approve keys underscores the importance of this issue.

This is probably sort of half-baked, but is it possible to come up with a 
formal grammar that would allow us to describe trust models in general?  
What if we had a prolog-like system that allowed you to set up rules like:

"x is a student if x has got a signature from a school" 
"x is a school if x has got a signature from the accreditation authority"
"x belongs to the secret society if x has signatures from 3 other people
who have belonged to the society for more than a year, and if x is 
a certified owner of a duck."

Wouldn't something like this give us the flexibility to use a PGPish model
of trust or an X.509ish model, or whatever else we wanted to do?

It seems to me that the rules that govern when you can accept which 
signature ought to be data objects in a more flexible system, just as the 
signatures themselves are data objects.  That means that the rules 
themselves ought to be subject to change, revocation, or revision.  

The constitution wouldn't have survived if it didn't contain a mechanism 
for amendment.  Wouldn't a model of trust with the same ability for 
revision and extension be a lot more robust, and a lot more resistant to 
centralized control?
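
An added sketch, not part of the original message, of the rule system proposed above: trust rules are stored as data alongside the signatures, signatures carry a validity period, and a rule can be revoked like any other object. All names (Policy, Cond, the r-* rule ids, board, registry, f1..f3, alice, bob) and the day numbers are hypothetical.

```python
from collections import namedtuple

# Every name, day number and signature here is constructed for illustration.
Sig = namedtuple("Sig", "signer subject claim issued expires")  # valid issued..expires
Cond = namedtuple("Cond", "claim signer_role count min_days")   # one conjunct of a rule

class Policy:
    def __init__(self, anchors, sigs, rules):
        self.anchors = set(anchors)  # (name, role) pairs accepted without proof
        self.sigs = list(sigs)
        self.rules = dict(rules)     # rule id -> (role, [Cond, ...]); rules are data
        self.revoked = set()         # ids of rules that have been withdrawn

    def holds(self, x, role, day, seen=frozenset()):
        """True if x holds `role` on `day` under the rules still in force."""
        if (x, role) in self.anchors:
            return True
        if (x, role) in seen:        # break circular certification chains
            return False
        seen = seen | {(x, role)}
        return any(all(self._met(x, c, day, seen) for c in conds)
                   for rid, (r, conds) in self.rules.items()
                   if r == role and rid not in self.revoked)

    def _met(self, x, c, day, seen):
        # Distinct signers whose signature is unexpired and who hold the
        # required role both today and min_days ago.
        ok = {s.signer for s in self.sigs
              if s.subject == x and s.claim == c.claim
              and s.issued <= day <= s.expires
              and self.holds(s.signer, c.signer_role, day, seen)
              and self.holds(s.signer, c.signer_role, day - c.min_days, seen)}
        return len(ok) >= c.count

def demo_policy():
    anchors = [("board", "accreditor"), ("registry", "duck_registry"),
               ("f1", "member"), ("f2", "member"), ("f3", "member")]
    sigs = [Sig("board", "school1", "school", 0, 3650),
            Sig("school1", "alice", "student", 100, 465),   # one-year certificate
            Sig("registry", "alice", "duck_owner", 150, 9999),
            Sig("f1", "bob", "member", 200, 9999),
            Sig("f2", "bob", "member", 200, 9999)]          # bob has only two
    sigs += [Sig(f, "alice", "member", 200, 9999) for f in ("f1", "f2", "f3")]
    rules = {"r-school": ("school", [Cond("school", "accreditor", 1, 0)]),
             "r-student": ("student", [Cond("student", "school", 1, 0)]),
             "r-society": ("member", [Cond("member", "member", 3, 366),
                                      Cond("duck_owner", "duck_registry", 1, 0)])}
    return Policy(anchors, sigs, rules)
```

Adding "r-school" to the policy's revoked set withdraws every student status derived through it without touching a single signature, which is the revision mechanism the message asks for.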
