[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Gzz-commits] storm/doc/dartboard/pointer_identities--benja i...
From: |
Benja Fallenstein |
Subject: |
[Gzz-commits] storm/doc/dartboard/pointer_identities--benja i... |
Date: |
Wed, 09 Jul 2003 20:45:46 -0400 |
CVSROOT: /cvsroot/storm
Module name: storm
Branch:
Changes by: Benja Fallenstein <address@hidden> 03/07/09 20:45:46
Modified files:
doc/dartboard/pointer_identities--benja: idea.rst
Log message:
more
CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/storm/storm/doc/dartboard/pointer_identities--benja/idea.rst.diff?tr1=1.1&tr2=1.2&r1=text&r2=text
Patches:
Index: storm/doc/dartboard/pointer_identities--benja/idea.rst
diff -u storm/doc/dartboard/pointer_identities--benja/idea.rst:1.1
storm/doc/dartboard/pointer_identities--benja/idea.rst:1.2
--- storm/doc/dartboard/pointer_identities--benja/idea.rst:1.1 Wed Jul 9
19:10:01 2003
+++ storm/doc/dartboard/pointer_identities--benja/idea.rst Wed Jul 9
20:45:46 2003
@@ -2,8 +2,14 @@
The problem with pointers and identity
======================================
-Problem statement
-=================
+:Author: Benja Fallenstein <address@hidden>
+:Created: 2003-07-10
+:Changed: $Date: 2003/07/10 00:45:46 $
+
+.. contents::
+
+Introduction / Problem statement
+================================
So I've been doing a *lot* of thinking over
the last few days regarding Storm pointers.
@@ -117,10 +123,56 @@
A certificate authority (CA) could do that job.
Certificates can associate any kind of information
with a key-- certainly they can associate an id with it.
+In fact, CAs following X.509 apparently must
+include a "Distinguished Name" in every certificate
+that must be unique in that CA.
However, there is a deeper problem: Certificates
as used in e.g. X.509 become invalid when the key
that has signed them becomes invalid.
(Now, if we had a good timestamping algorithm...
-oh well.)
\ No newline at end of file
+oh well.)
+
+
+Key-based identity; hierarchical identity; axiomatic identity
+=============================================================
+
+Allow me to go a little theoretical and introduce
+three "types of identity" now. I'll keep it short.
+
+Key-based identity:
+ The identity of an entity is its public key.
+ Anything signed with the matching private key
+ is taken to come from that entity.
+
+Hierarchical identity:
+ A known entity can create "child" entities
+ by assigning them names. The identity of a
+ child entity is the parent's identity plus
+ the name assigned by the parent entity.
+ To know who the child entity is, ask the
+ parent entity.
+
+ Example: DNS; to know which host is
+ ``io.it.jyu.fi``, ask ``it.jyu.fi``.
+
+Axiomatic identity:
+ An entity's identity is not concluded from some
+ other information, but specified through
+ some out-of-bounds means.
+
+ Examples: The DNS root servers; file names
+ on a hard disk (the entity corresponding to
+ ``/home/benja/foo.txt`` is "axiomatically" stated
+ by the bits on my hard disk, not concluded
+ from some other information).
+
+(I have a hard time describing the third category
+well, so maybe it doesn't really make sense to
+lump the DNS root and files on your hard disk
+into the same category, but somehow I have this
+feeling that they're similar in a fundamental way.
+Hm. Comments appreciated.)
+
+