Signature-based names should allow multiple signatures.

Names built on object signatures should be able to contain multiple
signatures from different schemes, all explicitly tagged.

When naming objects using their signatures, one should:
 (1) Embed, in the name, explicit identification of the signature scheme.
 (2) Compose a name out of signatures from more than one scheme,
     to increase robustness against spoofing.
 (3) Consider signature migration plans in the design of systems
     with historical time scales.

Example:  "md5=e67ded2886048d308532042b777d53cf"
  Permits multiple schemes to coexist gracefully.
  Cost is small.

Example:  "md5=e67ded2886048d308532042b777d53cf__length=1069"
  Adding an additional constraint, even a very inexpensive one like
byte length, greatly increases the difficulty of someone creating a
fraudulent object with identical signatures.  Lest anyone doubt the
threat, consider the magnitude of resources which might be devoted to
spoofing single documents (such as Rushdie's "Satanic Verses").

  Names are sets of one or more signatures.  Services restrict certain
operations to name sets with particular trustworthiness.  A storage
service is willing to provide an object given a name with only a CRC
sum, but is not willing to use such a signature as a guarantor of
correctness in replication.  As the work function of md5 degrades
gradually or dramatically, names will come to contain other signatures
as well, and preferences in name set signatures will evolve.
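  The following is an added illustration, not code from the Library 2000
project: it composes and parses names in the "scheme=value__scheme=value"
form shown above, verifies an object against every scheme it recognises
(tolerating tags it does not, so a newer name still resolves on an older
service), and applies a per-operation trust policy of the kind the
paragraph above describes.  The sample object, the choice of sha256 as
the "other signature", and the specific policy table are assumptions made
for the example.

```python
import hashlib
import zlib

# Constructed sample object for the example (not from the original page).
OBJECT = b"The quick brown fox jumps over the lazy dog\n" * 20

# Signature schemes, keyed by the tag embedded explicitly in the name.
# crc32 and length are cheap, weak constraints; md5 and sha256 are digests.
# sha256 is an assumed addition standing in for "other signatures".
SCHEMES = {
    "crc32": lambda data: f"{zlib.crc32(data) & 0xFFFFFFFF:08x}",
    "md5": lambda data: hashlib.md5(data).hexdigest(),
    "sha256": lambda data: hashlib.sha256(data).hexdigest(),
    "length": lambda data: str(len(data)),
}

SEP = "__"  # component separator, as in "md5=...__length=1069"


def make_name(data, schemes):
    """Compose a name from several explicitly tagged signatures."""
    parts = []
    for scheme in schemes:
        if scheme not in SCHEMES:
            raise ValueError(f"unknown signature scheme: {scheme}")
        parts.append(f"{scheme}={SCHEMES[scheme](data)}")
    return SEP.join(parts)


def parse_name(name):
    """Split a name into {scheme: value}; reject untagged or duplicated parts."""
    sigs = {}
    for part in name.split(SEP):
        scheme, eq, value = part.partition("=")
        if not (scheme and eq and value):
            raise ValueError(f"untagged signature component: {part!r}")
        if scheme in sigs:
            raise ValueError(f"duplicate scheme in name: {scheme}")
        sigs[scheme] = value
    return sigs


def verify(data, name):
    """Return the set of schemes in the name that the object satisfies.

    Any recognised scheme that fails raises ValueError.  Schemes this
    service does not know are skipped rather than rejected, so a name
    carrying a newer scheme still resolves here (signature migration);
    at least one recognised scheme must match.
    """
    matched = set()
    for scheme, value in parse_name(name).items():
        fn = SCHEMES.get(scheme)
        if fn is None:
            continue
        if fn(data) != value:
            raise ValueError(f"{scheme} mismatch for name {name!r}")
        matched.add(scheme)
    if not matched:
        raise ValueError("no recognised signature scheme in name")
    return matched


# Assumed trust policy: each operation lists the signature sets it accepts.
# A fetch may proceed on a crc alone; replication needs a strong digest,
# or md5 tightened by the inexpensive length constraint.
POLICY = {
    "fetch": [{"crc32"}, {"md5"}, {"sha256"}],
    "replicate": [{"sha256"}, {"md5", "length"}],
}


def allowed(operation, name):
    """True if the name's signature set satisfies some accepted set."""
    present = set(parse_name(name))
    return any(required <= present for required in POLICY[operation])


if __name__ == "__main__":
    name = make_name(OBJECT, ["md5", "sha256", "length"])
    print(name)
    print("verified:", sorted(verify(OBJECT, name)))
    print("fetch on crc only:", allowed("fetch", make_name(OBJECT, ["crc32"])))
    print("replicate on crc only:", allowed("replicate", make_name(OBJECT, ["crc32"])))
```

Note that `verify` checks every recognised scheme and fails on the first
mismatch, so adding a scheme to a name can only make it harder to satisfy,
never easier; the policy table is where a service decides how many, and
which, of the satisfied schemes it will rely on for a given operation.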

1995 Feb 17 - Created.  Summer(?) conversation with Yoav was key.  - mcharity
