[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Request for Clarification of Usage of Certificate Request Payload to Maximimze Interoperability



At 08:06 AM 1/26/00 -0800, Michael Thomas wrote:
>    Would this not potentially be a security hole on
>    the side that didn't request the certificate? Say,
>    the cert was password protected, or came from a
>    smart card or something like that, the cached cert
>    would be stale.

PKIX certs are not password-protected. They are also designed to be full 
cacheable: they have a start and end date. The cert can, of course, be 
revoked, but that has nothing to do with its freshness.

>    One possible use is where the distinguished name
>    and the signing CA are basically just for human
>    consumption. Take for example two IP Phones which
>    want to do end to end crypto, but where there isn't
>    an agreed upon authority to name the phones or the
>    user of the phone. The calling phone may want to
>    say: "give me cert x, cert y, or if all else fails
>    whatever you think is appropriate." In the latter
>    case, the phone would display the "whatever"
>    certificate to the user and they could make their
>    own decision -- sort of a glorified caller ID.

Not really. A certificate that doesn't chain to a root you trust is 
inherently useless for identity. It would be trivial to forge them.


--Paul Hoffman, Director
--VPN Consortium



References: