Comparison of Attribute and Public Key Certificates
AC is similar to PKC except that AC contains no public key because an AC verifier is under the control of the AC issuer, and therefore, trusts the issuer directly by having the public key of the issuer preinstalled. This means that once the AC issuer's private key is compromised, the issuer has to generate a new key pair and replaces the old public key in all verifiers under its control with the new one.
In addition to the absence of a public key, AC does not refer to the holder directly using identity information like in PKC but indirectly using the PKC. This means that the verification of an AC requires the presence of the PKC that is referred as the AC holder in the AC.
Similar to PKC, AC can be chained to delegate attributions. For example, an authorization certificate issued for Alice authorizes her to use a particular service. Alice can delegate this privilege to her assistant Bob by issuing an AC for Bob's PKC. When Bob wants to use the service, he presents his PKC and a chain of ACs starting from his own AC issued by Alice and then Alice's AC issued by the issuer that the service trusts. In this way, the service can verify that Alice has delegated her privilege to Bob and that Alice has been authorized to use the service by the issuer that controls the service. RFC 3281, however, does not recommend the use of AC chains because the complexity in administering and processing the chain is not worth the effort and there is little use of AC in the Internet.
Read more about this topic: Authorization Certificate
Famous quotes containing the words comparison of, comparison, attribute, public and/or key:
“We teach boys to be such men as we are. We do not teach them to aspire to be all they can. We do not give them a training as if we believed in their noble nature. We scarce educate their bodies. We do not train the eye and the hand. We exercise their understandings to the apprehension and comparison of some facts, to a skill in numbers, in words; we aim to make accountants, attorneys, engineers; but not to make able, earnest, great- hearted men.”
—Ralph Waldo Emerson (1803–1882)
“Certainly there is not the fight recorded in Concord history, at least, if in the history of America, that will bear a moment’s comparison with this, whether for the numbers engaged in it, or for the patriotism and heroism displayed.”
—Henry David Thoreau (1817–1862)
“It has never been in my power to sustain ... I can pass swiftly from one effect to another, but I cannot fix one, and dwell on it, with that superb concentration which seems to me the special attribute of the tragic actress.”
—Ellen Terry (1847–1928)
“Mass ought to be in Latin, unless you cd. do it in Greek or Chinese. In fact, any abracadabra that no bloody member of the public or half-educated ape of a clargimint cd. think he understood.”
—Ezra Pound (1885–1972)
“Now narrow minds can develop as well through persecution as through benevolence; they can assure themselves of their power by tyrannizing cruelly or beneficently over others; they go the way their nature guides them. Add to this the guidance of interest, and you will have the key to most social riddles.”
—HonorĂ© De Balzac (1799–1850)