[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: manual keying and IPSEC conformance

To: mfsmith@zionsbank.com, ietf-pkix@tandem.com, ipsec@tis.com
Subject: Re: manual keying and IPSEC conformance
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Date: Fri, 22 Aug 1997 12:57:11 -0500 (CDT)
Sender: owner-ipsec@ex.tis.com


The verifier is the entity making the trust decision.  Truly enough, it
must decide in accordance with the corporate policy, as expressed by the
corporate CA.  However, the dumb little program doesn't have any way of
knowing that the expression of that policy it works with is valid, absent
some verifiable assertion of the fact.  The only key the program can trust
ultimately is its own.  The verifier is therefore the root of the trust
chain.  This is true whether the trust is implicit, via a configuration
file or the compiling in of the CA's key (as in your example), or explicit,
via a certificate.

The analogy to the human world is direct.  If my signature on a
document is binding on the corporation, I am under obligation to follow
the policies of the corporation in signing it.  However, there is no
way to force me to follow policies in my signing of documents; only to
punish me if I don't.  I still must choose to trust whomever the
corporate decision-makers say they trust, even though your point is
valid in that they have extended trust to me to act in accordance with
their wishes.  

brian

Brian Thomas, CISSP - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162

Prev by Date: Re: manual keying and IPSEC conformance
Next by Date: Re: ESP/AH draft comments
Prev by thread: Re: manual keying and IPSEC conformance
Next by thread: Re: manual keying and IPSEC conformance
Index(es):
- Main
- Thread