- From: David Chadwick <D.W.Chadwick@kent.ac.uk>
- Date: Thu, 21 Jun 2018 08:51:48 +0100
- To: Anders Rundgren <anders.rundgren.net@gmail.com>, public-credentials@w3.org
My colleagues at Toulouse built a first prototype implementation of a trust broker, you can read about it here: Ahmad Samer Wazan, Romain Laborde, David W. Chadwick, Francois Barrere, Abdelmalek Benzekri, Mustafa Kaiiali and Adib Habbal. "Trust Management for Public Key Infrastructures: Implementing the X.509 Trust Broker," Security and Communication Networks, vol. 2017, Article ID 6907146, 23 pages, 2017. doi:10.1155/2017/6907146. If anyone has difficulty in obtaining the above, there is a copy for personal study available at my university's repository https://kar.kent.ac.uk/60311/ David On 21/06/2018 07:49, Anders Rundgren wrote: > On 2018-06-21 01:09, David Chadwick wrote: >> Interestingly the latest version of X.509 has introduced the 4 cornered >> trust model, with RPs trusting Trust Brokers who validate the numerous >> root CAs on their behalf. > > Thanx! that's news to me. > > I'm personally trying to create a more "Internet-ish" version of the 4 > cornered model > https://cyberphone.github.io/doc/defensive-publications/authority-objects.pdf > > but it may be limited to payments. > > Anders > >> >> David >> >> On 20/06/2018 21:02, Anders Rundgren wrote: >>> The to date only provably scalable trust scheme I'm aware of is the >>> "four corner model" used by banks. >>> >>> That is, clients trust their respectively banks which in turn trust each >>> other. >>> >>> A down-side of that model is that it is hard to combine with end-2-end >>> security. >>> >>> Anders >>> >>> On 2018-06-20 21:11, Henry Story wrote: >>>> Hi all, >>>> >>>> I wrote a blog post entitled perhaps a little teasingly >>>> with the title of this thread. This followed a longer >>>> entry on Digital Sovereignty I wrote, where I get into >>>> the concept of an institutional Web of Trust. This lead >>>> Prof Bryan Ford in the distributed/decentralised systems >>>> group at EPFL in Lausanne to ask why that Web of Trust would >>>> be more successful and avoid the problems of the PGP one. >>>> >>>> So I had to look into what the exact problems with the PGP >>>> web of trust was. But as certain obvious limitations were >>>> clear from reading the PGP spec and as I thought it would >>>> be unjust to tie them to such accidental errors I imagined >>>> what would happen if they evolved to using the W3C Verifiable >>>> Claims standards. >>>> >>>> https://medium.com/@bblfish/what-are-the-failings-of-pgp-web-of-trust-958e1f62e5b7 >>>> >>>> >>>> >>>> Please let me know if I have misunderstood something. >>>> I am covering quite a lot of ground here. >>>> >>>> Feedback very much welcome :-) >>>> >>>> Henry Story >>>> http://co-operating.systems/ >>>> >>> >>> >>> >> > >
Received on Thursday, 21 June 2018 07:52:15 UTC