1. Introduction

SPKI (Simple Public Key Infrastructure) is an experimental protocol developed by an IETF working group [Ell99]. This protocol defines public key certificate and signature formats, along with many associated objects, to support security for a wide range of applications. The SPKI protocol is simple to understand, use, and implement.

The CNRI SPKI library provides an implementation of the SPKI protocol for the Python language and a command-line utility, spkitool, for creating and using keys and certificates. This document primarily describes the utility.

Before going on to a detailed look at spkitool, we offer a brief introduction to the SPKI protocol based on the language in RFC 2693 [2]. For a more thorough discussion of SPKI, see RFC 2693 itself, which lays out the basic theory underlying the protocol, and Carl Ellison's SPKI Web page, http://world.std.com/~cme/html/spki.html.

A certificate is a signed object that transfers some authority from the certificate's issuer to its subject. The main purpose of a SPKI certificate is to authorize the subject to perform some action. The subject and issuer are principals, i.e. cryptographic keys capable of generating signatures. A principal is represented by the key itself, a hash of the key, or a name that is bound to the key. A certificate that gives some authority to a key is, in effect, transferring some authority to the keyholder (anyone with access to the private key). The principal speaks for the keyholder by creating signed objects.

Unlike principals in other public key infrastructures, SPKI principals are not named users; they are just keys. As it turns out, most authorization decisions are based not on the name of the keyholder, but on some attribute of the keyholder, e.g. whether she is a member of a particular organization, has paid some access fee, etc. A SPKI certificate can carry any authorizations or attributes the creator wishes; the specific interpretation is left to the applications that use them.

A typical use of SPKI certificates is to implement a protected subsystem [3]. The root of each certificate's authority is an access control list (ACL).
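The authorization model described above can be sketched in a few lines of Python. This is an added example, not code from the CNRI library or from RFC 2693: the names `key_hash`, `Grant` and `authorized` are hypothetical, certificates are assumed to have had their signatures verified already, authorizations are simplified to sets of action names, and the delegation flag follows the certificate model in RFC 2693.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

def key_hash(public_key: bytes) -> str:
    """Identify a principal by a hash of its public key (SHA-256 is assumed here)."""
    return hashlib.sha256(public_key).hexdigest()

@dataclass(frozen=True)
class Grant:
    """An ACL entry (issuer=None) or an already-verified certificate."""
    issuer: Optional[str]  # hash of the issuing key; None for an ACL entry
    subject: str           # hash of the key that receives the authority
    actions: frozenset     # simplified authorization: a set of action names
    delegate: bool         # may the subject pass this authority on?

def authorized(acl, certs, requester, action):
    """Return True if a chain of grants rooted in the ACL gives `action` to `requester`."""
    holders = {}  # principal -> True if it may also delegate `action`
    pending = [g for g in acl if action in g.actions]
    while pending:
        g = pending.pop()
        if g.subject in holders and (holders[g.subject] or not g.delegate):
            continue  # nothing new learned; this also stops delegation cycles
        holders[g.subject] = g.delegate
        if g.delegate:  # only a delegating holder's certificates carry weight
            pending.extend(c for c in certs
                           if c.issuer == g.subject and action in c.actions)
    return requester in holders

# Constructed sample principals and grants (not real keys).
ALICE, BOB, CAROL, MALLORY = (key_hash(b"constructed-key-" + n)
                              for n in (b"alice", b"bob", b"carol", b"mallory"))
ACL = [Grant(None, ALICE, frozenset({"read", "write"}), True)]
CERTS = [
    Grant(ALICE, BOB, frozenset({"read"}), False),        # Alice lets Bob read
    Grant(BOB, CAROL, frozenset({"read"}), False),        # Bob may not delegate
    Grant(MALLORY, MALLORY, frozenset({"write"}), True),  # not rooted in the ACL
]

if __name__ == "__main__":
    for name, who in (("bob", BOB), ("carol", CAROL), ("mallory", MALLORY)):
        print(name, authorized(ACL, CERTS, who, "read"),
              authorized(ACL, CERTS, who, "write"))
```

A self-issued certificate such as Mallory's grants nothing, because no chain connects it back to an ACL entry.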

The basic SPKI theory and protocol describe formats and uses for keys, certificates, and many associated objects. They do not describe protocols or APIs for transferring certificates between programs or storing them on disk. The implementation of the Pisces SPKI library makes a number of concrete decisions about issues like these.