Re: FW: changelog #A1

On Wednesday 18 December 2002 21:07, Hallam-Baker, Phillip wrote:
> > (And it's been a source of rat-hole and confusion since then as well
> > <smile/>.)
>
> No it hasn't. Go upstairs and talk to Butler Lampson about it. He
> invented the concept of a security reference monitor and got the Turing
>award for it.

Hi Phil, my concern isn't whether some very bright people at MIT, or even at 
Verisign <smile/>, have a complete theory of "trust", it's whether we are 
using a term that will be consistently understood term by many of those 
reading the specification. My hope is to *avoid* theories of trust and 
trust management and instead focus on the best spec we can deliver: avoid 
ambiguous uses of the term and when we do make use of it make it clear that 
"trust" is externally defined (according to some definition such as PKIX or 
SPKI) and evaluated (via a "local" policy -- even if sitting on a remove 
XKMS service.)

Received on Thursday, 19 December 2002 10:30:13 UTC