On Thu, 22 Jan 2004, Stephen J. Turnbull wrote:

> don't see what you can do with your "global token" that can't be done
> by calling up Chalmers (by any convenient and "sufficiently secure"
> protocol) and asking if such and such a public key is registered with
> their certification authority.

PKI has some known problems, which I'd rather not discuss here,
and it implies one certain technology (public keys).

My point is to make a base for transparent usage of identity names without
dependency on the underlying technology of the corresponding authority.
To be able to use existing databases.
Avoid the burden of maintaining authentication keys (you have it -
updating expired keys, locking of stolen ones is you headache as
cvs-provider, while it could/should be a headache of the
authentication-provider).

Imagine 92 different services at a university, usable for a student.

Take a central Kerberos database and 92 lists of "allowed principals",
one per service,
compared to maintaining 92 lists of ssh RSA or DSA keys...

When a student looses her password/passphrase, her
identification card and photo is compared to her face, and the password is
reset in the Kerberos database (1 check, 1 operation)

- or her keys are replaced in 92 lists
(92 operations, 92 identity checks, if at all ever done...)

A global identities namespace will make it possible to use [already
existing and sometimes well maintained] authentication databases

freely, without a certain service being dependent on a certain database
in any way except the explicit presence of the corresponding identities in
its authorization rules.

It is especially useful for truly global services like Coda!

Thanks for your comments, Stephen!
They gave me an additional chance to explain the ideas behind the
proposal.

Regards,
--
Ivan