[E-Lang] Hash Chaining & Capabilities, Proposal #2d: Deputizing Remote Vats

Mark S. Miller markm@caplet.com
Sun, 31 Dec 2000 23:39:37 -0800


At 03:14 AM Friday 12/29/00, Ben Laurie wrote:
>"Karp, Alan" wrote:
>> 
>> I don't know what "secret based bearer certificates" are, but I never heard
>> the term while working on e-speak.
>
>Well, just reading the words, a secret based bearer certificate would be
>one that is anonymous (i.e. the fact you have it proves you have the
>capability it refers to) and uses a secret (and, presumably, therefore,
>an HMAC or similar) to verify it, as opposed to using some form of PK.
>Which would also imply that there must be a third-party verifier (which
>may not be true in the case of a PK based bearer cert).

Having just now read this thread, a brief clarification (until I have 
the time to be more long winded, probably later this week).

Ben's guess is wrong, or rather, is not what I meant when I introduced this 
terminology.  However, what Ben means is also interesting, and we need to 
ensure it doesn't get lost when we fix the terminology.  So I propose that 
we call the one I was talking about "Frantz Bearer Certificates" or "FBC"s 
(if that's alright with you, Bill), since it started with a suggestion from 
Bill.  And that we call these others "Laurie Bearer Certificates" or "LBC"s 
(if that's alright with you, Ben).


        Cheers,
        --MarkM