
Re: The Bank-model Was: Employee Certificates - Security Issues




This discussion seems to be circling around the issue of roles. I thought that Attribute Certificates were invented to solve this? Someone did mention this but I'm not sure there was an answer.


I can have an individual certificate 'J Adrian Pickering' that I obtain, perhaps issued by a government authority much like a passport. When I work for Company X in role Y, the Company issues me with an appropriate attribute certificate. The two, when used together, are applied to Company transactions and are understood by the recipient to mean 'this individual has signed this transaction on behalf of company x in their role as y'. This is just like a traditional legal document where an individual signs and it is endorsed by the company seal.

When I leave the company or the company leaves me, then I retain my personal certificate but the 'keys of the office' (aka seal) are taken away from me i.e. the attribute certificate. I am still free to sign 'cheques' with my personal certificate whether I'm in the employ of the company or not. I am also free to be employed at other companies who will also issue appropriate ACs.

The recipient is always left to work out whether that means the transaction is valid or not i.e. if the signatory is authorised to make a binding contract. PKI provides the tools to help make this assessment.

Are we still working with unrelated certificates or do we still believe in ACs? Apologies in advance if I'm beating an old drum,

Adrian Pickering/
ECS, University of Southampton, UK
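The model described in the post, a personal certificate plus a company-issued attribute certificate bound to it, with the recipient checking both, worked through as an added Python example that is not part of the original message. HMAC-SHA256 over canonical JSON, the names and the KEYS table are constructed stand-ins for real X.509 signatures and public keys.

```python
import hmac, hashlib, json

# Constructed example (not from the thread). HMAC-SHA256 over canonical JSON
# stands in for X.509 signatures so this runs on the standard library only;
# KEYS plays the role of the public keys a real verifier would take from the
# certificates themselves and from its trust store.
KEYS = {"Gov Authority": b"gov-key", "Company X": b"companyx-key",
        "J Adrian Pickering": b"adrian-key"}

def sign(signer, obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(KEYS[signer], data, hashlib.sha256).hexdigest()

def verify(signer, obj, sig):
    return signer in KEYS and hmac.compare_digest(sign(signer, obj), sig)

def identity_cert(subject, serial):
    # The "passport": issued by an authority, names the person, not a role.
    body = {"issuer": "Gov Authority", "serial": serial, "subject": subject}
    return {"body": body, "sig": sign("Gov Authority", body)}

def attribute_cert(id_cert, ac_serial, role):
    # The "company seal": binds a role to the holder's identity certificate by
    # issuer + serial (RFC 5755 baseCertificateID), so it cannot be reused with
    # any other personal certificate.
    holder = {"issuer": id_cert["body"]["issuer"], "serial": id_cert["body"]["serial"]}
    body = {"issuer": "Company X", "serial": ac_serial, "holder": holder, "role": role}
    return {"body": body, "sig": sign("Company X", body)}

def sign_transaction(id_cert, ac, payload):
    tx = {"payload": payload, "identity": id_cert, "attribute": ac}
    return {"tx": tx, "sig": sign(id_cert["body"]["subject"], tx)}

def recipient_check(signed, required_role, revoked_ac_serials):
    """Return 'ok' or the first reason the transaction is not binding on Company X."""
    tx, idc, ac = signed["tx"], signed["tx"]["identity"], signed["tx"]["attribute"]
    if not verify(idc["body"]["issuer"], idc["body"], idc["sig"]):
        return "identity certificate signature invalid"
    if not verify(idc["body"]["subject"], tx, signed["sig"]):
        return "transaction not signed by the certificate subject"
    if not verify(ac["body"]["issuer"], ac["body"], ac["sig"]):
        return "attribute certificate signature invalid"
    if ac["body"]["holder"] != {"issuer": idc["body"]["issuer"], "serial": idc["body"]["serial"]}:
        return "attribute certificate not bound to this identity certificate"
    if ac["body"]["serial"] in revoked_ac_serials:  # 'keys of the office' taken back
        return "attribute certificate revoked"
    if ac["body"]["role"] != required_role:
        return "role '%s' cannot authorise this transaction" % ac["body"]["role"]
    return "ok"
```

Revoking the attribute certificate leaves the personal certificate and its signature fully valid, which is exactly the separation the post asks for; a real verifier would additionally check validity periods and that Company X is a trusted AC issuer for the transaction type.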