Re: Draft Charter
Why do we need the emphasis on "public key" and "digitally signing" with
respect to trust anchors?
I can think of trust anchors that could be identified through a Kerberos
principal name or a DN, and online trust anchors that can be queried for
info over an authenticated TLS connection...
-Frank.
Stephen Kent wrote:
>
> At 4:52 PM -0400 8/20/07, Carl Wallace wrote:
>> Here's a variation that references digital signatures:
>>
>> A trust anchor represents an authoritative source of one or more types
>> of information. Trust anchors are comprised of a public key and
>> associated data. The public key is used to verify digital signatures
>> and the associated data is used to constrain the types of information
>> for which the trust anchor is authoritative. Relying parties use
>> trust anchors to determine if digitally signed information objects are
>> valid by verifying digital signatures using the trust anchor's public
>> key and by enforcing the constraints expressed in the associated data.
>
>
> Carl,
>
> That's much better, but I don't see why the first sentence has to be so
> broad. How about: "A trust anchor represents an authoritative entity
> represented by a public key and associated data."
>
> Steve
>
--
Frank Siebenlist franks@xxxxxxxxxxx
The Globus Alliance - Argonne National Laboratory