[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Principles and Principals
> From: "William Allen Simpson" <wsimpson@xxxxxxxxxxxxxxx>
> What PGP currently does is more akin to SPKI Principals than X.509
> Distinguished Names.
> The PGP public-key is the principal. The principal is used to
> "distinguish" all manipulations, such as signing and database
> maintenance. A "hash" of the principal (really just the lower bits) can
> also be used for database lookup.
> The PGP principal signs a "tag" called the username (or just PGP user).
> This tag is not really used to any degree, except for human recognition
> and database lookup.
"not really used, except for human recognition and database lookup" ???
Is that like "the car is not really used, except for commuting, vacationing,
and taxiing the kids to soccer practice."?
SPKI's primary failure (IMO) is it's central design feature: the failure
to allow a separation between principals and keyholders. That is, the
identity of a principal is inextricably tied to the cryptographic key
being used by the principal.
I believe it can be accurately claimed that the "PGP user" (the
human-readable username) is defined to be the principal, regardless of
what cryptographic keys are being used by that principal.
"joe@xxxxxxx" is the same person you are accustomed to communicating
with, even if he changes his public key. With the SPKI notion of the
public key being the principal, the old principal has to delegate to
the new one every time keypairs are changed. The inconvenience of
managing delegation strongly discourages the use of good key management
Those more familiar with PGP operations than I am can judge whether
there is a good enough fit between the "cyber-principal to
physical-entity" mapping of SPKI vs. the "physical-principal to public
key" mapping of PGP and X.509.