@Misc{EFLRx99a, author = { Carl M. Ellison and Bill Frantz and Butler Lampson and Ron[ald L.] Rivest and Brian M. Thomas and Tatu Ylonen }, title = { Simple Public Key Certificate }, howpublished = { Internet-draft draft-ietf-spki-cert-structure-06.txt, July 26, 1999. }, date = { 1999-07-26 }, OPTyear = { 1999 }, OPTmonth = { July 26, }, OPTnote = {}, OPTannote = {}, abstract = { This document defines the structure of SPKI certificates, CRLs, other fine-grain validity instruments and sequences of those objects to be delivered from a prover to a verifier. The purpose of such objects is to establish the prover's authorization to have a request satisfied by the verifier. Establishing identity, sometimes thought to be the only purpose of a certificate, is considered to be an optional step in this process but not the goal of the effort and often unnecessary. \par The authorization computation also involves an ACL [Access Control List], by necessity. Since the ACL is never communicated from one party to another, there is no reason to standardize its format. That is left to the implementer, although this document does give an example format for an ACL. \par The authorization field carried by SPKI certificates and ACLs is left to be defined, to suit each particular application or protocol. SPKI defines rules for combination of authorization fields, constraining the construction of these, but leaves specific details up to the implementer. Examples of authorization fields are to be found in draft-ietf-spki-cert-examples-*.txt. \par The process of reducing SPKI sequences and an ACL to determine an authorization result is spelled out here, but an individual implementer is free to design new reduction algorithms as long as they are computationally equivalent to the one defined here. \par SPKI certificates bind either names or explicit authorizations to keys or other objects. The binding to a key can be directly to an explicit key, or indirectly through the hash of the key or a name for it. The binding to an object is via the hash of the object or a name that resolves to that hash. The name and authorization structures can be used separately or together. We use S-expressions as the standard format for these certificates and define a canonical form for those S-expressions. As part of this development, a mechanism for deriving authorization decisions from a mixture of certificate types was developed and is described in the companion theory document. \par These structures are also known under the name SDSI 2.0. }, }