- From: Joseph Reagle <reagle@w3.org>
- Date: Thu, 19 Dec 2002 10:30:05 -0500
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- Cc: www-xkms@w3.org
On Wednesday 18 December 2002 21:07, Hallam-Baker, Phillip wrote: > > (And it's been a source of rat-hole and confusion since then as well > > <smile/>.) > > No it hasn't. Go upstairs and talk to Butler Lampson about it. He > invented the concept of a security reference monitor and got the Turing >award for it. Hi Phil, my concern isn't whether some very bright people at MIT, or even at Verisign <smile/>, have a complete theory of "trust", it's whether we are using a term that will be consistently understood term by many of those reading the specification. My hope is to *avoid* theories of trust and trust management and instead focus on the best spec we can deliver: avoid ambiguous uses of the term and when we do make use of it make it clear that "trust" is externally defined (according to some definition such as PKIX or SPKI) and evaluated (via a "local" policy -- even if sitting on a remove XKMS service.)
Received on Thursday, 19 December 2002 10:30:13 UTC