[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Request for Clarification of Usage of Certificate Request Payload to Maximimze Interoperability
At 08:06 AM 1/26/00 -0800, Michael Thomas wrote:
> Would this not potentially be a security hole on
> the side that didn't request the certificate? Say,
> the cert was password protected, or came from a
> smart card or something like that, the cached cert
> would be stale.
PKIX certs are not password-protected. They are also designed to be full
cacheable: they have a start and end date. The cert can, of course, be
revoked, but that has nothing to do with its freshness.
> One possible use is where the distinguished name
> and the signing CA are basically just for human
> consumption. Take for example two IP Phones which
> want to do end to end crypto, but where there isn't
> an agreed upon authority to name the phones or the
> user of the phone. The calling phone may want to
> say: "give me cert x, cert y, or if all else fails
> whatever you think is appropriate." In the latter
> case, the phone would display the "whatever"
> certificate to the user and they could make their
> own decision -- sort of a glorified caller ID.
Not really. A certificate that doesn't chain to a root you trust is
inherently useless for identity. It would be trivial to forge them.
--Paul Hoffman, Director
--VPN Consortium
References: