Public-key certification is of crucial importance for advancing the global
information infrastructure, yet it suffers from certain ambiguities and lack
of understanding and precision. This paper suggests a few steps toward
basing public-key certification and public-key infrastructures on firmer
theoretical grounds. In particular, we investigate the notion of binding a
public key to an entity.
We propose a calculus for deriving conclusions from a given entity Alice's
(for instance, a judge's) view consisting of evidence and inference rules
valid in Alice's world. The evidence consists of statements made by public
keys (e.g., certificates, authorizations, or recommendations), statements
made physically toward Alice by other entities, and trust assumptions.
Conclusions are about who says a statement, who owns or is committed to a
public key, and who transfers a right or authorization to another entity,
and are derived by applying the inference rules.