[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

the problem of loaning of private keys

Some advocates of identity certs have claimed that it's important to bind
attributes and permissions to a person (and, through the DN to a public key)
because a private key might be loaned out, sold or stolen.

However, I happen to have used identity certs in a past life, on Fortezza cards.
I didn't have a Fortezza card issued to me, so I was using borrowed cards.

I can assure everyone that the software which checked permissions based on
the X.509 certificate on the Fortezza card I was using didn't know that
it was I rather than the card's owner who was using the card.

The problem of loaning of private keys needs to be solved [or not solved
and just accepted, as managed risk] through something other than the
certificate structure.  Once that problem is solved or declared manageable,
and we can trust that the right person is using the private key [which
we have to do, in order to honor it at all], then my claim is strengthened
that the direct attachment of permissions to a public key is not just
equivalent to X.509 style operation but is, in fact, both stronger
from a security point of view and simpler from an implementation point
of view.

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |