[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: preshared
Pardon me, but,
I have to say " set of trusted public keys" that is stored for
the self-certified public key is "chasing its own shadow".
How do you get the "set of trusted public key" initially?
It will make sense in the PKI that you start with a "trusted root public
key" and
accept any public key cert that is signed by this root key.
(and don't forget about revokation check... :-)
The entire PKI infrastructure (and "chain reaction") goes alive again.
Regards,
--- David
----- Original Message -----
From: "Michael Thomas" <mat@cisco.com>
To: "Paul Hoffman / VPNC" <paul.hoffman@vpnc.org>
Cc: "IP Security List" <ipsec@lists.tislabs.com>
Sent: Monday, November 19, 2001 6:05 PM
Subject: Re: SOI: preshared
>
> Sure. Same considerations apply though.
>
> Mike
>
> Paul Hoffman / VPNC writes:
> > At 11:45 AM -0800 11/19/01, Michael Thomas wrote:
> > >The consequence of using naked public keys in lieu
> > >of symmetric keys is that you incur the cost of
> > >both a DH and a RSA operation. You could
> > >conceivably get rid of the DH if you don't care
> > >about identity, but for preshared keys it seems
> > >questionable why you'd want to do _either_.
> >
> > It doesn't have to be a bare public key. A self-signed cert has other
> > signed attributes in it, such as the key validity date and an
> > identity. The recipient simply needs to pull the public key out of
> > the cert to check that key against its set of trusted public keys.
> > (One doesn't need to trust this as a root cert: it is easy to make a
> > policy of "if I get a self-signed cert as an identifier, I won't do
> > any chaining, even if the cert says chaining is OK").
> >
> > Using self-signed certs is the method that JFK currently uses to
> > allow simple trust between two parties without needing a PKI. There
> > is no shared-secret mode.
> >
> > --Paul Hoffman, Director
> > --VPN Consortium
>
References: