RFC 2692 (rfc2692) - Page 2 of 14
SPKI Requirements
Alternative Format: Original Text Document
RFC 2692 SPKI Requirements September 1999
Charter of the SPKI working group
Many Internet protocols and applications which use the Internet
employ public key technology for security purposes and require a
public key infrastructure to manage public keys.
The task of the working group will be to develop Internet standards
for an IETF sponsored public key certificate format, associated
signature and other formats, and key acquisition protocols. The key
certificate format and associated protocols are to be simple to
understand, implement, and use. For purposes of the working group,
the resulting formats and protocols are to be known as the Simple
Public Key Infrastructure, or SPKI.
The SPKI is intended to provide mechanisms to support security in a
wide range of Internet applications, including IPSEC protocols,
encrypted electronic mail and WWW documents, payment protocols, and
any other application which will require the use of public key
certificates and the ability to access them. It is intended that the
Simple Public Key Infrastructure will support a range of trust
models.
Background
The term certificate traces back to the MIT bachelor's thesis of
Loren M. Kohnfelder [KOHN]. Kohnfelder, in turn, was responding to a
suggestion by Diffie and Hellman in their seminal paper [DH]. Diffie
and Hellman noted that with public key cryptography, one no longer
needs a secure channel over which to transmit secret keys between
communicants. Instead, they suggested, one can publish a modified
telephone book -- one with public keys in place of telephone numbers.
One could then look up his or her desired communication partner in
the directory, find that person's public key and open a secure
channel to that person. Kohnfelder took that suggestion and noted
that an on-line service has the disadvantage of being a performance
bottleneck. To replace it, he proposed creation of digitally signed
directory entries which he called certificates. In the time since
1978, the term certificate has frequently been assumed to mean a
binding between name and key.
The SPKI team directly addressed the issue of bindings and
realized that such certificates are of extremely limited use for
trust management. A keyholder's name is one attribute of the
keyholder, but as can be seen in the list of needs in this document,
a person's name is rarely of security interest. A user of a
certificate needs to know whether a given keyholder has been granted
some specific authorization.
Ellison Experimental