[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: losing private keys

At 00:57 3/7/96, Michael Richardson wrote:
>  Can you repost to the list, so I can respond there?


>At 07:07 PM 3/6/96 -0500, you wrote:
>>action rather than one action per permission.  However, if keys don't get
>>lost, we don't have to put up with the pain of the extra interaction.
>  But what about compromised keys?

I assume you're asking what I'd do about compromised keys if we have
key-centered attributes.  I have thought about this some, in the past
weeks, and believe that we need a self-signed cert with the meaning "Unless
this cert is [revoked | allowed to expire], I am the only person to have
access to this private key and believe that no one else has gained access
either through theft or factoring.".  Whenever a person believes his key
has become compromised, or just might be [because of age or new factoring
advances], he can revoke the cert or, equivalently, let it expire.

When someone has an attribute cert relating back to a key, it should be
tied to some cert capable of showing compromised keys -- either one of
these self-signed certs [for key-centered operation] or possibly an
identity cert.  Of course, revoking an identity cert just divorces the
binding between a key and a text string [or DN] -- not quite the same as
declaring that a key is compromised or not.  So, even the X.509 folks might
want to have a self-signed key-validity cert to add to the pool.

Any X.509 folks care to comment on that?

 - Carl

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |