Victor Duchovni wrote:
> So with Kerberos the word hasW its narrower "named security entity"
> technical meaning. With X.509 one tends to talk of "subjects", "issuers",
> "registration authorities", "certification authorities", ... and the word
> "principal" is less common.

part of this has been that x.509 has layered certification authorities,
digital certificates and other business processes on top of any direct
interaction between parties. as a result, the focus of x.509 related
descriptions tends to focus on the certification processes and the
acceptance of those certification processes by relying parties.
(along with any digital certificate representation of those
certification processes)

credentials, certificates, licenses, diplomas, letters of
credit/introduction and other mechanisms have served the world for
centuries ... providing information to relying parties, where the
relying parties didn't have the information themselves and/or have
direct mechanisms for obtaining the information.

digital certificates has been electronic analog of those centuries old
constructs for representation of information for use by relying parties
(where the relying parties have no direct access to the information
and/or other mechanisms for obtaining the information).

in my merged security taxonomy and glossary collected from a variety of


    Terms merged from: AFSEC, AJP, CC1, CC2, CC21 (CC site), CIAO, FCv1,
FFIEC, FJC, FTC, IATF V3 (IATF site), IEEE610, ITSEC, Intel, JTC1/SC27
(SC27 site), KeyAll, MSC, NIST 800-30, 800-33, 800-37, 800-53, 800-61,
800-77, 800-83 FIPS140, NASA, NCSC/TG004, NIAP, NSA Intrusion, CNSSI
4009, online security study, RFC1983, RFC2504, RFC2647, RFC2828, TCSEC,
TDI, TNI, vulnerability testing and misc. Updated 20060202 with terms
from 800-77, 800-83

the only definition for principal comes from sc27:

    An entity whose identity can be authenticated. [SC27]

the merged taxonomy and glossaries from X9F (including some x.509
sources), i.e.

    Terms merged from X9F document glossaries: WD15782, X509, X9.8,
X9.24, X9.31, X9.42, X9.45, X9.49, X9.52, X9.62, X9.65, X9.69.  Terms
from ABA/ASC X9 TR1-1999 replace terms from X9F TG-16 glossary
(identified by lower case x9 instead of upper-case X9). Original source
documents include: X3.92, X3.106, x9.1, x9.5, x9.6, x9.8, x9.9, x9.17,
x9.19, x9.23, x9.24, x9.26, x9.28, x9.30, x9.31, x9.41, x9.42, x9.44,
x9.45, x9.49, x9.52, x9.55, x9.57, x9.62, x9.69 x9.74, x9.76, x9.78,
x9.80, x9.82, and TG-17. (990710)

doesn't include a definition for principal.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to