[Gzz-commits] storm/doc/dartboard/pointer_identities--benja i...

[Benja Fallenstein]

CVSROOT:        /cvsroot/storm
Module name:    storm
Branch:         
Changes by:     Benja Fallenstein <address@hidden>      03/07/09 20:45:46

Modified files:
        doc/dartboard/pointer_identities--benja: idea.rst 

Log message:
        more

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/storm/storm/doc/dartboard/pointer_identities--benja/idea.rst.diff?tr1=1.1&tr2=1.2&r1=text&r2=text

Patches:
Index: storm/doc/dartboard/pointer_identities--benja/idea.rst
diff -u storm/doc/dartboard/pointer_identities--benja/idea.rst:1.1 
storm/doc/dartboard/pointer_identities--benja/idea.rst:1.2
--- storm/doc/dartboard/pointer_identities--benja/idea.rst:1.1  Wed Jul  9 
19:10:01 2003
+++ storm/doc/dartboard/pointer_identities--benja/idea.rst      Wed Jul  9 
20:45:46 2003
@@ -2,8 +2,14 @@
 The problem with pointers and identity
 ======================================
 
-Problem statement
-=================
+:Author:  Benja Fallenstein <address@hidden>
+:Created: 2003-07-10
+:Changed: $Date: 2003/07/10 00:45:46 $
+
+.. contents::
+
+Introduction / Problem statement
+================================
 
 So I've been doing a *lot* of thinking over
 the last few days regarding Storm pointers.
@@ -117,10 +123,56 @@
 A certificate authority (CA) could do that job.
 Certificates can associate any kind of information
 with a key-- certainly they can associate an id with it.
+In fact, CAs following X.509 apparently must
+include a "Distinguished Name" in every certificate
+that must be unique in that CA.
 
 However, there is a deeper problem: Certificates
 as used in e.g. X.509 become invalid when the key
 that has signed them becomes invalid.
 
 (Now, if we had a good timestamping algorithm...
-oh well.)
\ No newline at end of file
+oh well.)
+
+
+Key-based identity; hierarchical identity; axiomatic identity
+=============================================================
+
+Allow me to go a little theoretical and introduce 
+three "types of identity" now. I'll keep it short.
+
+Key-based identity:
+    The identity of an entity is its public key.
+    Anything signed with the matching private key
+    is taken to come from that entity.
+
+Hierarchical identity:
+    A known entity can create "child" entities
+    by assigning them names. The identity of a
+    child entity is the parent's identity plus
+    the name assigned by the parent entity.
+    To know who the child entity is, ask the
+    parent entity.
+
+    Example: DNS; to know which host is
+    ``io.it.jyu.fi``, ask ``it.jyu.fi``.
+
+Axiomatic identity:
+    An entity's identity is not concluded from some
+    other information, but specified through
+    some out-of-bounds means.
+
+    Examples: The DNS root servers; file names
+    on a hard disk (the entity corresponding to
+    ``/home/benja/foo.txt`` is "axiomatically" stated
+    by the bits on my hard disk, not concluded
+    from some other information).
+
+(I have a hard time describing the third category
+well, so maybe it doesn't really make sense to
+lump the DNS root and files on your hard disk
+into the same category, but somehow I have this
+feeling that they're similar in a fundamental way.
+Hm. Comments appreciated.)
+
+