KeyNote provides a simple notation for specifying
both local security policies and security credentials
that can be sent over an untrusted network.
Policies and credentials, called "assertions" as in
PolicyMaker, contain predicates that describe the
trusted actions permitted by the holders of specific
public keys. A signed assertion that can be sent
over an untrusted network is called a Credential
Assertion. Credential assertions, which serve the
role of "certificates," have the same syntax as
policy assertions, with the additional feature that
they are signed by the entity delegating the trust.
A KeyNote evaluator accepts as input a set of local
policy assertions, a collection of credential
assertions, and a collection of attributes, called
an "action environment," that describes a proposed
trusted action associated with a set of public keys.
KeyNote determines whether proposed actions are
consistent with local policy, by applying the
assertion predicates to the action environment.
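
The evaluation described above, sketched as a simplified model. This is an added example, not KeyNote's own code or assertion syntax: the key names, attribute names, the use of Python callables as predicates, and the `signature_valid` flag (standing in for real signature verification) are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List, Set

Env = Dict[str, str]  # the "action environment": attributes describing the proposed action

@dataclass
class Assertion:
    authorizer: str                     # "POLICY" for local policy, else the delegating key
    licensees: Set[str]                 # keys the authorizer trusts (any one suffices here)
    conditions: Callable[[Env], bool]   # predicate applied to the action environment
    signature_valid: bool = True        # stand-in for real signature verification

def evaluate(policies: List[Assertion], credentials: List[Assertion],
             env: Env, requesters: Iterable[str]) -> bool:
    """Return True if the keys in `requesters` are authorized for `env`."""
    # Local policy is trusted unsigned. A credential counts only if its signature
    # verified, and it may never speak as POLICY.
    usable = [a for a in policies if a.authorizer == "POLICY"]
    usable += [c for c in credentials
               if c.authorizer != "POLICY" and c.signature_valid]
    approving = set(requesters) - {"POLICY"}  # a requester cannot claim to be POLICY
    changed = True
    while changed:                       # fixed point; also terminates on delegation cycles
        changed = False
        for a in usable:
            if (a.authorizer not in approving and a.licensees & approving
                    and a.conditions(env)):
                approving.add(a.authorizer)
                changed = True
    return "POLICY" in approving

# Constructed sample data: key names and attribute names are illustrative only.
POLICIES = [Assertion("POLICY", {"key-admin"}, lambda e: e.get("app_domain") == "fileserver")]
ALICE_CRED = Assertion("key-admin", {"key-alice"}, lambda e: e.get("operation") == "read")
FORGED = Assertion("key-admin", {"key-mallory"}, lambda e: True, signature_valid=False)
FAKE_POLICY = Assertion("POLICY", {"key-mallory"}, lambda e: True)

def demo() -> Dict[str, bool]:
    creds = [ALICE_CRED, FORGED, FAKE_POLICY]
    read = {"app_domain": "fileserver", "operation": "read"}
    write = {"app_domain": "fileserver", "operation": "write"}
    return {"alice_read": evaluate(POLICIES, creds, read, ["key-alice"]),
            "alice_write": evaluate(POLICIES, creds, write, ["key-alice"]),
            "mallory_read": evaluate(POLICIES, creds, read, ["key-mallory"])}

if __name__ == "__main__":
    print(demo())
```

Because every assertion on the chain from the requester back to local policy must have its predicate satisfied, a delegation can narrow what the delegating key was allowed to do but cannot widen it.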