History and definition of the term 'principal'?
Ed Gerck
edgerck at nma.com
Thu Apr 27 07:25:36 EDT 2006
tmcghan quoted:
> SDSI's active agents (principals) are keys: specifically, the private keys
> that sign statements. We identify a principal with the
> corresponding verification (public) key...
Calling a key a "principal" (and saying that a key "speaks") is just
a poetic language used in SDSI/SPKI. The goal was to eliminate liability
by using keys as syntactic elements - a digital signature reduced to
mathematics. This did not, however, turn out to be a real-world model
because someone must have allowed the software to use that key or, at least,
turned the computer on (even if by a cron job).
Usually (but not always consistently) cryptography's use of "principal" is
not what the dictionary says.
Here, principal conveys the idea of "owning or operating".
In this sense, SDSI is somewhat right -- the private key seems to
operate the signature -- but fails to recognize that, ultimately, the key
by itself cannot operate(or own) anything.
Being responsible for an account, or creating keys or passwords, is within
the idea of "owing or operating".
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list