[E-Lang] Hash Chaining & Capabilities, Proposal #2d: Deputizing Remote Vats

Bill Frantz frantz@communities.com
Tue, 02 Jan 2001 15:09:10 -0800


At 11:39 PM 12/31/00 -0800, Mark S. Miller wrote:
>At 03:14 AM Friday 12/29/00, Ben Laurie wrote:
>>"Karp, Alan" wrote:
>>> 
>>> I don't know what "secret based bearer certificates" are, but I never
heard
>>> the term while working on e-speak.
>>
>>Well, just reading the words, a secret based bearer certificate would be
>>one that is anonymous (i.e. the fact you have it proves you have the
>>capability it refers to) and uses a secret (and, presumably, therefore,
>>an HMAC or similar) to verify it, as opposed to using some form of PK.
>>Which would also imply that there must be a third-party verifier (which
>>may not be true in the case of a PK based bearer cert).
>
>Having just now read this thread, a brief clarification (until I have 
>the time to be more long winded, probably later this week).
>
>Ben's guess is wrong, or rather, is not what I meant when I introduced this 
>terminology.  However, what Ben means is also interesting, and we need to 
>ensure it doesn't get lost when we fix the terminology.  So I propose that 
>we call the one I was talking about "Frantz Bearer Certificates" or "FBC"s 
>(if that's alright with you, Bill), since it started with a suggestion from 
>Bill.  And that we call these others "Laurie Bearer Certificates" or "LBC"s 
>(if that's alright with you, Ben).

I feel like I've just been caught sleeping in class.  Which certificate is
which?  How do they differ?

I do agree with Ben that names which describe the named object are better
than arbitrary names.  Lacking good descriptions, Frantz/Laurie is as good
as Foo/Bar.