History and definition of the term 'principal'?

from:  h
ttp://theory.lcs.mit.edu/~rivest/publications.html

<<Perspectives on Financial Cryptography (Revisited)
by Ronald L. Rivest.
Financial Cryptography '06 Conference Keynote. (Update of
talk given for 
Financial Cryptography '97)>>

PowerPoint presentation excerpt follows:

<<
SDSI's active agents (principals) are keys: specifically,
the private keys 
that sign statements. We identify a principal with the 
corresponding verification (public) key:
( Principal:
( Public-Key:
( RSA-with-MD5:
( E: #03 )
( N: #34FBA341FF73 ) ) )
( Principal-At: "http://abc.def.com/" )
>> 


------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomometzdowd.com

tmcghan quoted:
> SDSI's active agents (principals) are keys:
specifically, the private keys 
> that sign statements. We identify a principal with the 
> corresponding verification (public) key...

Calling a key a "principal" (and saying that a
key "speaks") is just
a poetic language used in SDSI/SPKI. The goal was to
eliminate liability
by using keys as syntactic elements - a digital signature
reduced to
mathematics. This did not, however, turn out to be a
real-world model
because someone must have allowed the software to use that
key or, at least,
turned the computer on (even if by a cron job).

Usually (but not always consistently) cryptography's use of
"principal" is
not what the dictionary says.

Here, principal conveys the idea of "owning or
operating".

In this sense, SDSI is somewhat right -- the private key
seems to
operate the signature -- but fails to recognize that,
ultimately, the key
by itself cannot operate(or own) anything.

Being responsible for an account, or creating keys or
passwords, is within
the idea of "owing or operating".

Cheers,
Ed Gerck

------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomometzdowd.com

I was manager of development for Project Athena beginning
in 1985.  Amongst our projects was Kerberos, and, as you
know, it was a direct implementation of Needham-Schroeder.
Schroeder had been Jerome Saltzer's Ph.D. student and 
Saltzer was the MIT faculty member in charge of the
technical side of Athena, and to whom I reported.  The
word "principal" was solidly in place from the
moment
the Kerberos work began, and comes directly from the
work of Saltzer and Schroeder.  At least as early as
1975 the term "principal" was in use in their
work;
see [1] for my own earliest reference.  I suspect it
was in place at Project MAC and might thus have some
lineage with Multics, but now I am speculating.

Needham is sadly gone, but Schroeder and Saltzer are
still with us.  If it is worth my pursuit of the matter
I'll make the time for it, but I now forget why this
was asked.  If it is curiousity, perhaps the canoe is
now far enough upriver.  If it is a patent claim or the
like and one needs to find the exact wet spot in the
ground that the river starts, well, let me know.

--dan


[1] Proceedings of the IEEE. Vol. 63, No. 9 (September
1975), pp.
1278-1308; Manuscript received October 11, 1974; revised
April 17,
1975. Copyright 1975 by J. H. Saltzer.  The authors are with
Project
MAC and the Department of Electrical Engineering and
Computer Science,
Massachusetts Institute of Technology Cambridge, Mass.
02139.


------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomometzdowd.com