[OpenID] OpenId recycling and trust

Eric Norman ejnorman at doit.wisc.edu
Sun Sep 30 08:43:44 UTC 2007


On Sep 30, 2007, at 2:53 AM, Peter Williams wrote:

> If it helps, the X.509 community went through the very same issues, in 
> about 1990.
>
> In the 1998 version of the standard, the X.509 v1 cert had no notion 
> of identity recycling. One firm argued it had no need, as one could 
> index a cert uniquely as {Name,serial}. By 1990, ISO had passed an 
> amendment for the v2 cert. The extension mechanism of ISO 8824 was 
> applied to add tags to the abstract type for certs. They added 
> issuerUnique and subjectUnique integers (at the behest of NorTel/CSE 
> and DEC/NSA). Arguments that v1 format was sufficient were rejected - 
> even though BBN/NSA disclosed how it used v1 serial numbers for 
> authority controls, in tightly controlled cert issuing regimes relying 
> on trust in certified hardware that in turn relied on certified 
> manufacturing/keyescrow protocols only found in the late-1980s comsec 
> world.
>
> Whilst these v2 integers solved the problem, they never really took 
> off - as they were tied to the base Directory protocols - which were 
> necessary for resolving the unique name (including historical id 
> recycling).
>
> The v3 format of the X.509 cert was what took off - once it was 
> decoupled from the Directory world for use in the internet world of 
> Steve Dusse's S/MIME and Taher El Gamal's SSL. In V3, the name field 
> is irrelevant now, as is the serial number of the cert. All you care 
> about is the unique (signed) hash of the subject's public key.
>
> So, if you want to learn a lesson of history, tie identifier recycling 
> to the handling of certified public keys. It works, it scales, and it's 
> adoptable en masse. Or, you can be doomed to repeat all the old 
> discussions of the same old topics, decade after decade.

So I reckon someone should have paid attention when the
SPKI folks were talking.  Oh well, our idea is always
better than yours, isn't it?

Eric Norman
http://ejnorman.blogspot.com
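An added example, not part of either poster's message, that models the point Peter's quoted text makes about v1-style name-based identity versus v3-style key-hash identity: when a trust decision is keyed on a subject name that the directory later recycles, the new holder of the name inherits the old holder's trust, whereas keying on a hash of the certified public key does not. The `Cert` type, the names, and the key bytes are all constructed stand-ins, not real X.509 encoding.

```python
import hashlib
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Cert:
    # Toy stand-in for a certificate; the fields are constructed, not real DER.
    subject: str       # X.500-style name, which a directory may later reuse
    serial: int        # issuer-assigned serial number
    public_key: bytes  # constructed placeholder for the subject's public key bytes

def key_fingerprint(cert: Cert) -> str:
    """v3-style identity: a hash of the public key, ignoring name and serial."""
    return hashlib.sha256(cert.public_key).hexdigest()

def name_key(cert: Cert) -> str:
    """v1-style identity: the subject name alone, which can be recycled."""
    return cert.subject

def build_trust_store(trusted: list, identify: Callable[[Cert], str]) -> set:
    """Collect the identifiers of certificates an administrator chose to trust."""
    return {identify(c) for c in trusted}

def is_trusted(store: set, cert: Cert, identify: Callable[[Cert], str]) -> bool:
    """A cert is trusted if its identifier, under the chosen scheme, is in the store."""
    return identify(cert) in store

# Constructed scenario: "alice" is issued a cert, leaves, and the same name is
# recycled to a different person who receives a new cert with a different key.
ORIGINAL_ALICE = Cert("cn=alice,o=example", 1, b"constructed-key-material-A")
RECYCLED_ALICE = Cert("cn=alice,o=example", 2, b"constructed-key-material-B")

KEY_STORE = build_trust_store([ORIGINAL_ALICE], key_fingerprint)

def recycling_inherits_trust(identify: Callable[[Cert], str]) -> bool:
    """True when a recycled name inherits the trust granted to its earlier holder."""
    store = build_trust_store([ORIGINAL_ALICE], identify)
    return is_trusted(store, RECYCLED_ALICE, identify)

if __name__ == "__main__":
    print("name-keyed store inherits trust:", recycling_inherits_trust(name_key))
    print("key-keyed store inherits trust: ", recycling_inherits_trust(key_fingerprint))
```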
