RE: requirements - 4-corner wording from Daniel Ash on 2002-01-24 (www-xkms@w3.org from January 2002)

From: Daniel Ash <Daniel.Ash@identrus.com>
Date: Thu, 24 Jan 2002 15:48:19 -0500
To: "'Rich Salz'" <rsalz@zolera.com>, hirsch@zolera.com
Cc: www-xkms@w3.org
Message-ID: <2B55DABB95C4D4119C1300508BD953F134CC8B@BLUE01>

The only distinguishing factor of the 4-corner is the "peerwise trust
relationship", which is certainly out-of-scope for XKMS... which leaves us
with an environment that supports referrals (even less Identrus-y).  Without
referrals it will be more difficult to separate complicated trust models
(cross-certification, bridges.. etc) from the trust relationship between
client and service.  This separation, I think, is tantamount in shielding
end entities from more complexity than necessary.  

Other trust infrastructures could benefit, as much as Identrus could, from a
referral mechanism (I'm not quite sure what the difference is between
referrals and server chaining).  Does anyone else agree that a referrals (or
server chaining) requirement should replace the 4-corner requirement?

-dan  


> -----Original Message-----
> From: Rich Salz [mailto:rsalz@zolera.com]
> Sent: Thursday, January 24, 2002 1:02 PM
> To: hirsch@zolera.com
> Cc: www-xkms@w3.org
> Subject: Re: requirements - 4-corner wording
> 
> 
> How about making the definition less Identrus-y?
> 
> 4-corner model
> A processing and/or trust environment where end-entities 
> interact with a 
> single trusted point of contact, and each such contact has a peerwise 
> trust relationship with all other contacts.
> 	/r$
> -- 
> Zolera Systems, http://www.zolera.com
> Information Integrity, XML Security
>

Received on Thursday, 24 January 2002 15:48:50 UTC