"trust management" vs. "certified identity"
Matt Blaze
mab at research.att.com
Sat Jan 6 17:13:47 PST 1996
...
>That's not to say that the certification approach can't be general, though.
>It occurred to me that a very general certificate format would
>simply be to sign some assertions (predicates), and then
>feed all available signed predicates plus some axioms (the analogue
>of root keys) into a theorem prover. Sounds slow though. More
>practically perhaps, you could sign some kind of (safe) interpreted code,
>and have the verifier execute it on some initial variable set to come up with
>some access decision.
>
Yes. That's pretty much PolicyMaker in a nutshell.
-matt
More information about the Testlist
mailing list