Re: History and definition of the term 'principal'?
* Hadmut Danisch:

> The only precise definition I found is in a law dictionary where it is
> defined as a legal term.

The OED might also be helpful:

  B. [...] 2. a. A chief actor or doer; the chief person engaged in some transaction or function, esp. in relation to one employed by or acting for him (deputy, agent, etc.); the person for whom and by whose authority another acts. [...]

  1962 H.O. Beecheno Introd. Business Stud. xiii. 117 Whereas an agent is not normally allowed to relend his principal's money at interest .. a bank is allowed to do this.

  1976 Times 22 Par. (Baltic Exchange Suppl.) p. i/9 The Baltic is unusual in being open both to middle men and principals.

I think this is a strong indication that the term is used in one of its original meanings. It also explained why nobody thinks it's necessary to define it properly.

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: History and definition of the term 'principal'?
I was manager of development for Project Athena beginning in 1985. Amongst our projects was Kerberos, and, as you know, it was a direct implementation of Needham-Schroeder. Schroeder had been Jerome Saltzer's Ph.D. student and Saltzer was the MIT faculty member in charge of the technical side of Athena, and to whom I reported.

The word principal was solidly in place from the moment the Kerberos work began, and comes directly from the work of Saltzer and Schroeder. At least as early as 1975 the term principal was in use in their work; see [1] for my own earliest reference. I suspect it was in place at Project MAC and might thus have some lineage with Multics, but now I am speculating.

Needham is sadly gone, but Schroeder and Saltzer are still with us. If it is worth my pursuit of the matter I'll make the time for it, but I now forget why this was asked. If it is curiosity, perhaps the canoe is now far enough upriver. If it is a patent claim or the like and one needs to find the exact wet spot in the ground that the river starts, well, let me know.

--dan

[1] Proceedings of the IEEE. Vol. 63, No. 9 (September 1975), pp. 1278-1308; Manuscript received October 11, 1974; revised April 17, 1975. Copyright 1975 by J. H. Saltzer. The authors are with Project MAC and the Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, Mass. 02139.
Re: History and definition of the term 'principal'?
tmcghan quoted:

> SDSI's active agents (principals) are keys: specifically, the private keys
> that sign statements. We identify a principal with the corresponding
> verification (public) key...

Calling a key a principal (and saying that a key speaks) is just a poetic language used in SDSI/SPKI. The goal was to eliminate liability by using keys as syntactic elements - a digital signature reduced to mathematics. This did not, however, turn out to be a real-world model because someone must have allowed the software to use that key or, at least, turned the computer on (even if by a cron job).

Usually (but not always consistently) cryptography's use of principal is not what the dictionary says. Here, principal conveys the idea of owning or operating. In this sense, SDSI is somewhat right -- the private key seems to operate the signature -- but fails to recognize that, ultimately, the key by itself cannot operate (or own) anything. Being responsible for an account, or creating keys or passwords, is within the idea of owning or operating.

Cheers,
Ed Gerck
Re: History and definition of the term 'principal'?
I like the definition in Kaufman-Perlman-Speciner:

  A completely generic term used by the security community to include both people and computer systems. Coined because it is more dignified than 'thingy' and because 'object' and 'entity' (which also means thingy) were already overused.

--Sean

Sean W. Smith, Ph.D. [EMAIL PROTECTED] www.cs.dartmouth.edu/~sws/
Department of Computer Science, Dartmouth College, Hanover NH USA
Re: History and definition of the term 'principal'?
Hi,

On Wed, Apr 26, 2006 at 03:18:40PM -0400, Sean W. Smith wrote:

> I like the definition in Kaufman-Perlman-Speciner:
>
>   A completely generic term used by the security community to include
>   both people and computer systems. Coined because it is more dignified
>   than 'thingy' and because 'object' and 'entity' (which also means
>   thingy) were already overused.

Many thanks for the hint. :-)

Are there different editions of Kaufman-Perlman-Speciner? My edition of 1995 has two entries for principal in the index:

- Page 129: A principal is anything or anyone participating in cryptographically protected communication.
- Page 266: each user and each resource that will be using Kerberos.

Which edition is yours?

regards
Hadmut
Re: History and definition of the term 'principal'?
On Wed, Apr 26, 2006 at 06:33:43PM +0200, Hadmut Danisch wrote:

> Some say a principal is someone who participates in a cryptographical
> protocol.

The way I see it, the common English sense is direct participant, not a third party. During TGS requests the Kerberos KDC is a *principal* in the TGS transaction. Soon after, the acquired ticket and session key are used to communicate with the intended service and the KDC is then a third party and not a *principal*.

So with Kerberos the word has its narrower named security entity technical meaning. With X.509 one tends to talk of subjects, issuers, registration authorities, certification authorities, ... and the word principal is less common.

> Can anyone give me some hints? Maybe about how 'principal' is related to
> Roger Needham? Or whether there is a precise and general definition?

Seems to be mostly a matter of perspective, on the wire single-sign-on systems authenticate principals, while in the OS or application server ACLs authorize subjects. Oddly enough the difference in terminology better reflects the power balance between the royal issuer and petty subject in X.509. Wild guess, perhaps more seriously this dates back to X.509 as a supporting technology for X.500 ACLs.

In the context of Kerberos, I think of principals as living in an external global (or at least potentially larger) namespace, while subjects or users in ACLs are often local system specific entities. This means that one often needs a mapping from principals (global naming) to subjects/users (local naming). So principal != account.

-- 
Victor Duchovni
IT Security, Morgan Stanley
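One way to make the principal-to-subject mapping described in the post above concrete, as an added example that is not from the post or from any Kerberos implementation: it parses Kerberos principal names (primary/instance@REALM, with backslash escapes) and maps them onto local accounts only through explicit per-realm rules. The rule format, realm names and account names are constructed for the example and are not MIT krb5 auth_to_local syntax.

```python
# Kerberos principal names look like primary[/instance...]@REALM; a backslash
# escapes '/', '@' and '\' inside a component. The realm rules and account
# names below are constructed for this example (not MIT krb5 auth_to_local
# syntax): a principal becomes a local subject only through an explicit rule
# for its realm, and only if that subject is really an account on this host.

LOCAL_ACCOUNTS = {"alice", "bob", "corp-alice"}            # constructed

# realm -> rule(components) -> candidate local user name, or None
LOCAL_RULES = {
    "EXAMPLE.COM": lambda comps: comps[0] if len(comps) == 1 else None,
    "CORP.EXAMPLE.COM": lambda comps: "corp-" + comps[0] if len(comps) == 1 else None,
}

def parse_principal(name):
    """Split 'comp1/comp2@REALM' into (components, realm), honouring escapes."""
    comps, cur, i = [], [], 0
    while i < len(name):
        c = name[i]
        if c == "\\" and i + 1 < len(name):      # escaped char: keep it literally
            cur.append(name[i + 1])
            i += 2
            continue
        if c == "/":                             # component separator
            comps.append("".join(cur))
            cur = []
        elif c == "@":                           # first unescaped '@' starts the realm
            comps.append("".join(cur))
            return comps, name[i + 1:]
        else:
            cur.append(c)
        i += 1
    raise ValueError("principal name has no realm: %r" % name)

def principal_to_local(name):
    """Map a global principal name to a local subject, or None when there is none.

    None means 'authenticated, but no local account here': a realm without a
    rule, a service or admin instance, or a name with no matching account.
    """
    comps, realm = parse_principal(name)
    rule = LOCAL_RULES.get(realm)
    if rule is None:
        return None                              # no mapping rule for this realm
    user = rule(comps)
    if user is None or user not in LOCAL_ACCOUNTS:
        return None
    return user
```

A None result is the normal case for a foreign realm or a service instance: the principal authenticated, but no local subject is authorized by it.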
RE: History and definition of the term 'principal'?
from: http://theory.lcs.mit.edu/~rivest/publications.html

Perspectives on Financial Cryptography (Revisited) by Ronald L. Rivest. Financial Cryptography '06 Conference Keynote. (Update of talk given for Financial Cryptography '97)

PowerPoint presentation excerpt follows:

  SDSI's active agents (principals) are keys: specifically, the private keys that sign statements. We identify a principal with the corresponding verification (public) key:

    ( Principal:
      ( Public-Key:
        ( RSA-with-MD5:
          ( E: #03 )
          ( N: #34FBA341FF73 ) ) )
      ( Principal-At: http://abc.def.com/; )
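An added example, not from the post or from SDSI itself, that parses a Principal object written in the S-expression shape of the excerpt above and identifies the principal by its verification key alone, as the excerpt describes. The sample object is constructed after the excerpt, with the closing parenthesis the slide omits; the parser rejects such unbalanced input rather than guessing.

```python
import hashlib
import re
# Constructed after the excerpt above (not the slide's own text): same shape,
# plus the closing parenthesis of the Principal object that the slide omits.
SAMPLE = """( Principal:
    ( Public-Key: ( RSA-with-MD5: ( E: #03 ) ( N: #34FBA341FF73 ) ) )
    ( Principal-At: http://abc.def.com/ ) )"""

TOKEN = re.compile(r"\(|\)|[^\s()]+")   # a paren, or a run of non-space non-paren chars

def parse(text):
    """Parse the text S-expression into nested lists of strings; reject unbalanced input."""
    stack, cur = [], []
    for tok in TOKEN.findall(text):
        if tok == "(":
            stack.append(cur)
            cur = []
        elif tok == ")":
            if not stack:
                raise ValueError("unbalanced ')'")
            done, cur = cur, stack.pop()
            cur.append(done)
        else:
            cur.append(tok)
    if stack:
        raise ValueError("unbalanced '(': %d ')' missing" % len(stack))
    if len(cur) != 1:
        raise ValueError("expected exactly one top-level expression")
    return cur[0]

def field(obj, label):
    """Return the direct child of `obj` headed by `label` (e.g. 'Public-Key:'), or None."""
    return next((f for f in obj[1:] if isinstance(f, list) and f and f[0] == label), None)

def canonical(expr):
    """Whitespace-independent serialization, so equal keys always hash equally."""
    if isinstance(expr, list):
        return "(" + " ".join(canonical(e) for e in expr) + ")"
    return expr

def principal_id(text):
    """Identify a principal by a hash of its verification key alone, as SDSI does."""
    obj = parse(text)
    if not (isinstance(obj, list) and obj and obj[0] == "Principal:"):
        raise ValueError("not a Principal object")
    key = field(obj, "Public-Key:")          # Principal-At etc. do not enter the identity
    if key is None:
        raise ValueError("Principal object carries no Public-Key")
    return hashlib.sha256(canonical(key).encode()).hexdigest()[:16]
```

Two Principal objects with the same key and different Principal-At values get the same identifier, which is exactly the "key is the principal" model the excerpt states and the next post questions.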
Re: History and definition of the term 'principal'?
Victor Duchovni wrote:

> So with Kerberos the word has its narrower named security entity
> technical meaning. With X.509 one tends to talk of subjects, issuers,
> registration authorities, certification authorities, ... and the word
> principal is less common.

part of this has been that x.509 has layered certification authorities, digital certificates and other business processes on top of any direct interaction between parties. as a result, the focus of x.509 related descriptions tends to focus on the certification processes and the acceptance of those certification processes by relying parties (along with any digital certificate representation of those certification processes).

credentials, certificates, licenses, diplomas, letters of credit/introduction and other mechanisms have served the world for centuries ... providing information to relying parties, where the relying parties didn't have the information themselves and/or have direct mechanisms for obtaining the information. digital certificates have been the electronic analog of those centuries-old constructs for representation of information for use by relying parties (where the relying parties have no direct access to the information and/or other mechanisms for obtaining the information).

in my merged security taxonomy and glossary collected from a variety of resources
http://www.garlic.com/~lynn/index.html#glosnote

aka: Security Terms merged from: AFSEC, AJP, CC1, CC2, CC21 (CC site), CIAO, FCv1, FFIEC, FJC, FTC, IATF V3 (IATF site), IEEE610, ITSEC, Intel, JTC1/SC27 (SC27 site), KeyAll, MSC, NIST 800-30, 800-33, 800-37, 800-53, 800-61, 800-77, 800-83 FIPS140, NASA, NCSC/TG004, NIAP, NSA Intrusion, CNSSI 4009, online security study, RFC1983, RFC2504, RFC2647, RFC2828, TCSEC, TDI, TNI, vulnerability testing and misc. Updated 20060202 with terms from 800-77, 800-83

the only definition for principal comes from sc27:

  principal
  An entity whose identity can be authenticated. [SC27]

the merged taxonomy and glossaries from X9F (including some x.509 sources), i.e.

X9F Terms merged from X9F document glossaries: WD15782, X509, X9.8, X9.24, X9.31, X9.42, X9.45, X9.49, X9.52, X9.62, X9.65, X9.69. Terms from ABA/ASC X9 TR1-1999 replace terms from X9F TG-16 glossary (identified by lower case x9 instead of upper-case X9). Original source documents include: X3.92, X3.106, x9.1, x9.5, x9.6, x9.8, x9.9, x9.17, x9.19, x9.23, x9.24, x9.26, x9.28, x9.30, x9.31, x9.41, x9.42, x9.44, x9.45, x9.49, x9.52, x9.55, x9.57, x9.62, x9.69 x9.74, x9.76, x9.78, x9.80, x9.82, and TG-17. (990710)

doesn't include a definition for principal.
Re: History and definition of the term 'principal'?
On Wed, 26 Apr 2006 18:33:43 +0200, Hadmut Danisch [EMAIL PROTECTED] wrote:

> I need to solve a dispute. Someone claims that 'principal' is an
> established 'concept' introduced by Roger Needham, but could not give any
> citation. Someone else confirms this and claims that 'principal' is indeed
> a 'well-introduced' concept, but also can't cite any source or give any
> definition.

There were a number of things that Roger deserves at least some credit for that he never claimed (such as one-way hashing of passwords), at least in part because they were developed at the Eagle Pub. Whether it was modesty on his part, the fact that these things were group efforts, or the fine IPA they serve there I don't know...

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: History and definition of the term 'principal'?
> Are there different editions of Kaufman-Perlman-Speciner?

I got that definition from the glossary in the 2nd edition. I'm pretty sure it was in the glossary in the first edition as well, but I can't seem to find my copy anymore!