[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: DPD & DPV requirements - Recursion Issues

To: ietf-pkix@xxxxxxx
Subject: RE: DPD & DPV requirements - Recursion Issues
From: "Covey, Carlin" <ccovey@xxxxxxxxxx>
Date: Fri, 12 Jan 2001 08:35:35 -0800

Vishal, Frank, Peter, et. al.

I agree with Vishal that this is a situation that can 
appropriately be termed "transitive trust."  "A" trusts 
the information returned by "B" who trusts the information 
returned by "C".  I'm not making any claims about whether
this is a good thing or a bad thing.  I'm sure the answer
would be different to different people and in different
circumstances.  Many human and machine relationships are
built upon transitivity:  "Any friend of yours is a friend
of mine." or more negatively, "Any enemy of yours is
a friend of mine."  

In this case, one point of view is that the client trusts 
server 1 to return a correct answer, and the client doesn't
know or care how server 1 obtained the information upon
which that answer is based.

Another point of view is that the client trusts the server
to not be malicious (e.g., it may be a server run by the 
client's company), but the client doesn't trust
the server to not be stupid (the client has dealt with
the server administrator before).  So the client may fear
that the server will not chose wisely when selecting other
servers to trust.

My preference is for server 1 to publicize the fact that
it trusts information obtained from certain other servers,
and the client can take that fact into account when deciding
whether to trust server 1.

Regards

Carlin

------------------------------------
- Carlin Covey
  Cylink Corp.

-----Original Message-----
From: vishal jakhar [mailto:vjakhar@xxxxxxxxxxxxxxxxx]
Sent: Friday, January 12, 2001 8:55 AM
To: Peter Sylvester; ietf-pkix@xxxxxxx; ccovey@xxxxxxxxxx
Subject: RE: DPD & DPV requirements - Recursion Issues


Dear Frank and Peter,
To my knowledge the term "Transitive trust" is definately there.
Since a client trusts server 1,any information that comes back from
it is treated as trusted, no matter what other parties are included 
in the response. And since I trust server 1 really does not mean 
that I should trust server 2,but since server 1 is trusting server 2
It forms a trust chain, in which I am trusting server 2 indirectly.
This indirect trust should be invisible to the client ,so that the 
client thinks that he is trusting only the party he trusts.
                 It is better to repackage the response instead 
of using a recursive approach, because the client should be unaware
of the recursion.
regards ,
Vishal .

<snip>

Prev by Date: RE: Basic Cert-2-Directory mapping question
Next by Date: Election Technology Expo -- Jan 16, 2001
Previous by thread: RE: DPD & DPV requirements - Recursion Issues
Next by thread: RE: DPD & DPV requirements - Recursion Issues
Index(es):
- Date
- Thread