Well, the US Federal Bridge CA project (I assume that's the reference) is pretty well thought out on this issue, as far as I can tell. There are being very ...
Martin Smith
mfsmith@...
Apr 1, 2000 9:16 pm
869
... I was tempted to respond to something Bob Jueneman said a week or so ago. Now this really prompts me to ramble on. Warning, this is going to be about...
Eric Norman
ejnorman@...
Apr 12, 2000 6:32 am
870
There's an aspect about names that I've never seen mentioned; so I'll mention it. Perhaps that means I just haven't read the right stuff, but I've read an...
Eric Norman
ejnorman@...
Apr 12, 2000 11:23 am
871
Eric, SPKI certificates grant authority, not identity per-se. If I am Student-X, and the University-Of-Wisconsin deems to certify my key by signing it with...
Tony Bartoletti
azb@...
Apr 12, 2000 11:40 am
872
I found your ideas quite interesting, and with merit, though I myself am not an expert on these matters. However, I do have a concern. In all of your examples,...
Mason, Shane
smason@...
Apr 12, 2000 1:55 pm
873
... Hash: SHA1 ... I agree with Tony, of course, but I've also been thinking lately about the difference between carrying authorization information in...
Carl Ellison
cme@...
Apr 12, 2000 1:56 pm
874
... Hash: SHA1 ... I haven't finished reading your message, and am behind on reading others, but this is a key point. We deal with things that are transitive: ...
Carl Ellison
cme@...
Apr 12, 2000 2:00 pm
875
... Hash: SHA1 ... Or, instead of "revoking an identity" you can speak of "removing the power you had granted to a key". ... Version: PGP 6.5.2 ...
Carl Ellison
cme@...
Apr 12, 2000 2:13 pm
876
... Hash: SHA1 Bob, thank you for the thoughtful message. Good stuff there. I have just a couple of nits. ... My question about scaling is in size of any...
Carl Ellison
cme@...
Apr 12, 2000 2:13 pm
877
... Hash: SHA1 ... Hi David. SPKI does indeed address (2). First we address it by noting that anyone who uses a global ID and expects that to be meaningful to...
Carl Ellison
cme@...
Apr 12, 2000 2:29 pm
878
... Hash: SHA1 ... We considered and rejected the idea of granting the authority to delegate but not the authority to do. You can check the archives for that ...
Carl Ellison
cme@...
Apr 12, 2000 2:37 pm
879
... Hash: SHA1 ... In fact, the correct number of possible relationships is the number of possible relationships among people in the world. Any mechanism for ...
Carl Ellison
cme@...
Apr 12, 2000 2:42 pm
880
... Carl> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ... Carl> Or, instead of "revoking an identity" you can speak of Carl> "removing the power you had...
Paul Koning
pkoning@...
Apr 12, 2000 4:29 pm
881
Carl, Certainly there is a one-time opportunity for error when one person attempts to contact another (unknown) person for the first time based on limited...
David P. Kemp
dpkemp@...
Apr 12, 2000 4:57 pm
882
I've been mulling over David's reply and several of the others made recently. (For what it is worth, I do not agree that this discussion belongs on cert-talk,...
Bob Jueneman
BJUENEMAN@...
Apr 12, 2000 5:23 pm
883
... Sorry, I just can't resist injecting some gratuitous silliness. Suppose we ask: what's the probability that two 1000 bit RSA keys generated at random will...
Eric Norman
ejnorman@...
Apr 12, 2000 5:58 pm
884
... Hash: SHA1 ... Hi David. The theory you're working on sounds good, but I don't buy it. We need experimental evidence, one way or the other. My experimental...
Carl Ellison
cme@...
Apr 12, 2000 7:09 pm
885
... Let's make sure that we agree on what that word "transitive" means; here's what I think it means (I'm a math major). Delegating authority or granting...
Eric Norman
ejnorman@...
Apr 12, 2000 7:18 pm
886
... Hash: SHA1 At 11:45 AM 4/12/00 -0700, Carl Ellison wrote: Assuming this is correct, ... One key per nanosecond, in 1 million years, is approximately 3e22...
Carl Ellison
cme@...
Apr 12, 2000 7:20 pm
887
... Hash: SHA1 My own derivation of the probability of collision approximates to: P = m^2/(2n) where n is the size of the name space (e.g., 2^{1000}) and m is...
Carl Ellison
cme@...
Apr 12, 2000 7:20 pm
888
... Hash: SHA1 ... If we're using the SHA-1 hash of the key instead of the key as the name of the keyholder, then the denominator is only 2^160 or about...
Carl Ellison
cme@...
Apr 12, 2000 7:30 pm
889
... Hash: SHA1 ... We record it together since it's a modifier on the other permission (takes the other permission as a parameter). We might have expressed it...
Carl Ellison
cme@...
Apr 12, 2000 7:30 pm
890
... Hash: SHA1 ... It's only 1/2 that. Still, as Eric said, we're being silly. ... Version: PGP 6.5.2 ...
Carl Ellison
cme@...
Apr 12, 2000 7:37 pm
891
... = 2e514. ... OK, here's what the back of my napkin says. Seconds / year = 2e25. Nanoseconds / second = 2e30. Years / million years = 2e20. So nanoseconds /...
Eric Norman
ejnorman@...
Apr 12, 2000 8:52 pm
892
We have two Dan Burtons, and even though I know that the one I normally communicate with is Dan F Burton, about 1/3 of my messages end up being forwarded by...
Bob Jueneman
BJUENEMAN@...
Apr 12, 2000 10:54 pm
893
... It's certainly cleaner if you do so. Usually student ID numbers and employee ID numbers are either serially assigned, so once you've done 175142 all future...
Bill Stewart
bill.stewart@...
Apr 12, 2000 10:58 pm
894
When I sent the message last week about suggesting Prolog as an authorization language, I also sent the message to the Keynote folks since they were mentioned....
Eric Norman
ejnorman@...
Apr 17, 2000 3:20 am
895
... You use the imperfect tense here... Is this still the current thinking? I must admit that I'm a little confused here. A PKCS#1 signature does include an...
Niels Möller
nisse@...
Apr 17, 2000 3:58 pm
896
... Originally, the draft only allowed for rsa-pkcs1-<some-hash>. We added rsa-pkcs1 because the pkcs1 encoding captures the hash used, and we thought you...
Matt Fredette
fredette@...
Apr 17, 2000 4:10 pm
897
... Martin> Eric-- I do think you are correct. The need to achieve Martin> global uniqueness of names and also distibuted namespace Martin> management is what...
