[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on the PKIX Roadmap

To: Denis.Pinkas@xxxxxxxx
Subject: Re: Comments on the PKIX Roadmap
From: Peter Sylvester <Peter.Sylvester@xxxxxxxxxx>
Date: Thu, 4 Nov 1999 16:24:08 +0100 (MET)
Cc: ietf-pkix@xxxxxxx

> > 
> > Okay I can add this.  Other have commented in private e-mail to expand
> > the DVCS description to include:
> > 
> > - delegation of verification to trustworthy servers
> > - Chaining of verifications
> > - The DVCS not only validates the signature of the document,  it checks
> > the validity of a document.
> 
> For the last sentence, I do not think so. The content of the signed
> part is not "validated"

Nothing in the protocol prohibits a server to use whatever
kwowledge. It doesn't mean that it tries to interprete
the content, the existance in some context may be sufficient.
The validity of the document can be asserted even if none of the
original signatures can be validated. Even if it bears no signatures
at all, e.g. when responding to a question like : is the following
text a valid law?)

A DVCS can have knowledge about all documents that have ever been
produced (and may be archived), and just uses this information as
a base of its decision.

Responding to questions 'Is this picture a beautiful one?'
seems outside the scope of that protocol, unless you restrict the answer
to some algorithm defined by yourself, or you believe in oracles, or
if you use DVCS as a voting protocol.

> "Impossible " means impossible, not "more difficult". :-)
I can't resist. Napolean Bonaparte: 'impossible' is not a French word. :-)

Prev by Date: Re: QC comparisons are DEADLY serious!
Next by Date: RE: QC certificates and Nationality
Previous by thread: Re: Comments on the PKIX Roadmap
Next by thread: Y2K, RFC 2459, . . .
Index(es):
- Date
- Thread