Re: [saag] Alternative terminology to "certificate" or "credential"?

Henry B Hotz <hbhotz@oxy.edu> Thu, 29 May 2014 22:21 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/saag/UeyqNMA2Q8yI-0RLKbC6JKuoudo

So the idea is that a SAML assertion, GSS credential, and X.509 certificate are all examples of a signet? I agree that the existing dictionary definition of the word is nice for the purpose (though I would have voted for Nico's suggestion).

On May 28, 2014, at 11:13 AM, Dave Crocker <dhc2@dcrocker.net> wrote:

> On 5/23/2014 7:07 AM, Dave Crocker wrote:
>> I'm looking for a term that refers to a package associating a key with
>> "other attributes" but which does not imply the usual Certificate
>> Authority trust model.
>> 
>> Rather, packaging things together is separate from statements of trust
>> about the package supplier or the contents of the package
> 
> 
> Many thanks to the folk who offered and discussed candidate vocabulary.
> 
> An ad hoc, separate (small-group) discussion yesterday developed
> surprisingly strong rough consensus on a term:
> 
>     signet
> 
> It nicely has relevant natural-language semantics and no apparent
> security area, term-of-art baggage.
> 
> d/
> 
> 
> 
> -- 
> Dave Crocker

Personal email.  hbhotz@oxy.edu