"trust management" vs. "certified identity"
Jeff Weinstein
jsw at netscape.com
Sun Jan 7 22:06:19 PST 1996
Futplex wrote:
> Frank O'Dwyer writes:
> > Plus, given secure identity (which might be an anonymous id), you can
> > layer the other stuff on top.
>
> I am swayed by the view expounded by Carl Ellison that a key, not an
> identity, should be the anchor to which attributes are attached. (Sorry if
> I am misstating or oversimplifying the position here.) I think identity
> should be hung off the key as just another (optional) attribute.
This is exactly how I view X509 Version 3 certificates. You can attach
any sort of attribute to the key, including a name/identity. Though the
spec gives the name preferential treatment for historical reasons, I
view it as just another optional attribute.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
More information about the cypherpunks-legacy
mailing list