[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] Multiple certificates for same key?

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] Multiple certificates for same key?
From: Mark Shuttleworth <marks@xxxxxxxxxx>
Date: Thu, 5 Mar 1998 18:32:24 +0200
Approved-by: jean.pawluk@TANDEM.COM
In-reply-to: <>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

> Let's get this straight -- the key is the identity,
> your name is a handle.  If liberty means anything, you
> can call yourself what you want hence identity-to-handle
> mapping will be many to many.  The tradeoff is your
> complexity eval of managing O(10**2) keys versus your
> exposure eval of published cross correlation of the key
> sharing amongst certs.

Gotta disagree.  The name is your identity (and potentially your
authority).  The key is merely a way to tie an action (signature) to that
identity.  The problem is tht one-key-many-certs can mean that an action
is tied to multiple identities.  It's not a huge problem.

--
Mark Shuttleworth
Thawte Consulting

Follow-Ups:
- Re: [IETF-PKIX] Multiple certificates for same key?
  - From: Russ Housley

References:
- Re: [IETF-PKIX] Multiple certificates for same key?
  - From: Dan Geer

Prev by Date: Re: [IETF-PKIX] Multiple certificates for same key?
Next by Date: Re: [IETF-PKIX] Multiple certificates for same key?
Previous by thread: Re: [IETF-PKIX] Multiple certificates for same key?
Next by thread: Re: [IETF-PKIX] Multiple certificates for same key?
Index(es):
- Date
- Thread