[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Private keys and the emperor's clothes

To: spki@c2.org, bjueneman@novell.com
Subject: Re: Private keys and the emperor's clothes
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Date: Fri, 21 Jun 1996 16:01:07 -0500 (CDT)
Sender: owner-spki@c2.org


Bob:

I think that all of your arguments are valid, and right on the money.  However,
there are two things that may put a little different spin on them.

First, the CA may be regulated and contractually obligated and all
kinds of neat stuff, and I may have legal recourse if he misbehaves,
but in the final analysis I don't have actual control over his
behavior; I do over mine.  Laws mean little to terrorists, or spies, or
criminals.  If it's important enough to me, I will do all of the
necessary things that you mention in generating my keypair; if not, I
don't care what the CA does, as you say.  But I get to say, not someone
else, however legally bound they may be.  My real objection to
government key escrow was not primarily distrust for government, but
the dependence on unreliable, deceivable, bribeable humans for the
final layer of security.

Second, the CA's reliability and trustworthiness seems to me to affect
primarily the relying party, who has choices as to whether or not to
trust a particular CA.  Just because I choose to go with Joe Bob's
Discount CA and Shoe Shine Parlor (Steve Kent put me on to him:->)
because he's cheap doesn't mean that anyone in his right mind will
trust his certifications.  This was partly your point, I believe, but
it points out that in a properly run infrastructure, a CA can't really
do this kind of damage to a subscriber, only to a relying party, or
ultimately to himself, because the spoofed party can always present the
duplicate certificate as proof of the CA's unreliability, and he's up 
the river or at minimum out some bucks for breach of contract, depending
on the legal arrangements.

I feel that for those reasons it is still highly preferable to have keys
generated by the owner, and of course, best of all in hardware, and you
are the first I've seen to mention the problem of controlling what got
presented to a hardware crypto engine to be signed.

Brian Thomas - Distributed Systems Architect  bt0008@entropy.sbc.com
Southwestern Bell                             bthomas@cdmnet.com(or primary.net)
One Bell Center,  Room 23Q1                   Tel: 314 235 3141
St. Louis, MO 63101                           Fax: 314 331 2755

Prev by Date: Re: comments on client auth
Next by Date: Re: Private keys and the emperor's clothes -Reply
Prev by thread: Private keys and the emperor's clothes
Next by thread: Re: Private keys and the emperor's clothes
Index(es):
- Main
- Thread