Re: [Jsdsi-users] Specific Tag
Status: Pre-Alpha
Brought to you by:
sajma
Menu
▾
▴
Re: [Jsdsi-users] Specific Tag
|
From: Sameer A. <aj...@cs...> - 2004-05-10 00:50:24
|
> As you told me I can achieve points 1 and 2 using existing jsdsi tags, > but I think that for point three I need to redefine the intersection > function. That is why I first though about extending > jsdsi.Tag. Another possibility is to avoid evaluating point 3 in the > intersection, but then the hash verification has to be done somewhere > else. I think checking the hash chain somewhere else makes sense. The ID is enough to uniquely identify a hash chain, and the index ensures proper ordering, so together they are enough for the Prover to build the certificate chain. Assuming the certificates were created correctly, then the hash chain should also be correct. Of course, the Verifier will need to check that this is in fact true! Also, I don't think "h2 = h(h1)" is really in the spirit of tag "intersection" -- contrast with the intersection rules for sets, ranges, prefixes, etc, which are more intuitive. I actually think hash chains ought to be a separate primitive in JSDSI. Hash chains are useful to create certificate revocation and validation lists and trees, and JSDSI currently has no support for them. A long time ago I proposed a format for hash chains to the SPKI mailing list; perhaps I should dig that up. You might search the SPKI mailing list archives for mention of hash chains or validation trees. Sameer |
