To:
Steve Hanna <steve.hanna@sun.com>
cc:
Keith Moore <moore@cs.utk.edu>, Greg Hudson <ghudson@MIT.EDU>, keydist@cafax.se
From:
Keith Moore <moore@cs.utk.edu>
Date:
Thu, 17 Jan 2002 13:21:56 -0500
In-reply-to:
Your message of "Thu, 17 Jan 2002 12:04:33 EST." <3C470421.673B7C22@sun.com>
Sender:
owner-keydist@cafax.se
Subject:
Re: Trusting keys (was Re: looking for draft volunteers)
> > I agree that it's a difficult problem, but I don't think it's similar to
> > the multiple root problem. Overnight I realized that you can't assign
> > trust values that can be compared to different keys. What you can say
> > are things like "this key is signed by a key that you trust for purpose
> > X" and let users (or their superiors) supply the X for a given key.
> > X might be "casual use" or "XYZ company business" or "XX government
> > official business" or whatever.
>
> This is a hard problem, but not impossible. In fact, the PKIX
> working group has solved it with the certificate policy extension.
> Including this extension in a certificate allows you to identify
> what the subject key should be trusted for. The identifier is an
> OID. It can be local to a particular organization (like "XYZ
> company business") or it can be widely understood (like "suitable
> for casual email"). There's even a way to map between different
> organizations' OIDs ("U.S. Top Secret implies Canadian Restricted"),
> although that's rarely used.
okay, but does this allow users to specify constraints on the usage
of these keys, in terms that they understand, in addition to the
constraints contained in cert policy extensions?
and if there are several constraints on usage of a key, each defined
with an OID so that private constraints can be expressed, how are
those constraints combined?
Keith