
Re: non-key-sharing

On Tue, 11 Nov 1997, Bob Jueneman wrote:

-> I don't think that the keys themselves are scarce. Rather, it is that
-> certificates are expensive, because of the administrative burden and
-> liability implications of binding of the key to anything at all, whether an
-> "identity" or a set of capabilities.  (I'm using the term certificate in the
-> most generic sense, not tied to X.509 or any other format.)
-> You can certainly make certificates inexpensive, but only by making them
-> essentially worthless to the relying party.

It is not axiomatic that certificates must be expensive in order to have
worth to someone, as you can see with PGP certs. 

Further, the UCP says that certificates are issued without warranty of
results, so there is no liability involved in binding the key to anything
and there is no relying party that is derived from the signing act. 

Note that the CA (generally speaking, the issuer)  may also willingly
include semantics in its signing act, by virtue of a CPS which is outside
the scope of signing and which could introduce liability in this case.
However, this does not mean that the user can just rely on the certificate
data by trusting the issuer, because all CPSs that I know exclude
malicious acts of third-parties, such as viruses, and several other
not-so-improbable occurrences.

So, I can't find a logical function that makes a cert's cost escalate with
its usefulness or worth. The administrative burden and the liability can
be zero and still the cert allows Bob to check if Alice's data have not
been changed after Dave signed them, by checking Dave's signature. 


Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil