[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: matter of semantics

To: spki@c2.net
Subject: Re: matter of semantics
From: Bob Jueneman <BJUENEMAN@novell.com>
Date: Mon, 17 Nov 1997 15:46:23 -0700
Sender: owner-spki@c2.net

>-----BEGIN PGP SIGNED MESSAGE-----
>
>At 11:21 AM 11/17/97 -0700, Bob Jueneman wrote:
>>But if you accept the general proposition that some sharing of the risk is
>>appropriate, just to protect against disproportionate and unaffordable
>>losses (a la a major medical plan for digital signatures) ,then it could
be
>>argued that in insurance model is much better than legislatively spreading
>>the risk across the society.  If insurance is available (at a reasonable
>>cost) against errors and omissions by the CA, as well as for apparent
theft
>>or compromise of a key, then the subscribers could decide for themselves
how
>>much risk to take, what their deductible limits ought to be, or whether
they
>>should self-insure.
>
>Have you seen Mike Reiter's work at AT&T?  He argues well enough to
convince 
>me that insurance is the only viable model -- but in this case, it is the
CA 
>acting as insurance agent, insuring the user of the certificate against any

>fraud by the certified key.  That fraud can happen because the proper 
>keyholder(K1) is dishonest or by having some dishonest person become the 
>keyholder(K1) through theft, trojan horse, Radar O'Reilly attack, 
>cryptanalysis, ....  AFAIK, there's no role for a commercial CA which does
>not act as insurance company -- ie., which disclaims liability.
>
> - Carl

I haven't seen Mike Reiter's work, and am not acquainted with him, but would
tend to agree with him for the reasons I laid out above, at least for
high-value transactions.  For low value trnasactions, the relying party may
choose to accept a ertain degree of risk, rather than pay the premiums -- to
self-insure, in other words.

However, I am not at all convinced that it has to be the CA that perfoms
this function. Any trusted third party could do so, although the CA might
very well be a natural player.

Other legitimate contenders would be a repository, which accepts certificate
once a quarter from the Pasadena Ladies Garden Club, and receives
notification of any of the ladies does something socially unpardonable, but
otherwise takes on the responsibility for certificate and CRL distributin
and/or on-line validation.

A notary, in particular a cyber-notary, might also have a role to play. 
They just have to confirm with the CA that the certificate hasn't been
revoked, etc.

We have to admit the possibility that a CA might do an outstanding job of
actually administering certificates and doing the necessary due diligence,
yet not have pockets deep enough to provide a real sense of confidence to
someone who wants to rely on one of their certificates.

So the CA can go get their own errors and omission insurance, or the relying
party can.  I don't think it makes a great deal of difference who actually
performs the function. What is really important is the size of the insurance
companies pockets, and the amount of auditing and oversight they are going
to require of the CA to keep their nose clean.

bob

Prev by Date: Re: non-key-sharing
Next by Date: Re: uses of MD5 hashes
Prev by thread: Re: matter of semantics
Next by thread: ABA Digital Signature Guidelines now available electronically
Index(es):
- Main
- Thread