tmcghan quoted:
SDSI's active agents (principals) are keys: specifically, the private keys that sign statements. We identify a principal with the corresponding verification (public) key...
Calling a key a "principal" (and saying that a key "speaks") is just a poetic language used in SDSI/SPKI. The goal was to eliminate liability by using keys as syntactic elements - a digital signature reduced to mathematics. This did not, however, turn out to be a real-world model because someone must have allowed the software to use that key or, at least, turned the computer on (even if by a cron job). Usually (but not always consistently) cryptography's use of "principal" is not what the dictionary says. Here, principal conveys the idea of "owning or operating". In this sense, SDSI is somewhat right -- the private key seems to operate the signature -- but fails to recognize that, ultimately, the key by itself cannot operate(or own) anything. Being responsible for an account, or creating keys or passwords, is within the idea of "owing or operating". Cheers, Ed Gerck --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
