[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: The Carl & Bob show
-----BEGIN PGP SIGNED MESSAGE-----
At 09:49 AM 11/21/97 -0500, Peter Whittaker wrote:
>Is it perhaps the case that the identity-with-context that Carl refers
>to is in some ways provided by the combination of issuer name, subject
>name, and issuer public key? Admittedly, this may only reduce the scope
>of the problem (it is possible that two CAs will issue certificates with
>the same subject name, and not have those be the same subject entity;
>it is much less likely that those two CAs will have the same issuer
>name; in fact, I would think that any community in which they operate
>would catch on to that pretty quickly). So long as the CAs themselves
>maintain adequate information about their subjects, is not the problem
>of "no context for the identity" perhaps solved? As a certificate user,
>I will choose to do business - that is, accept a CA from - a CA that
>enforces identity check policies and cross-certification policies that
>are adequate to my needs and requirements.
As I said, I believe we'll end up talking the same language -- probably
sooner than even I thought.
What I see in this discussion is confusion from the lack of careful
distinctions among the concepts of authorization, accountability,
identification and locatability. These four can be separate. None of them
necessarily requires or implies another.
As you point out, when you issue a certificate for electronic commerce
(e.g., a SET cardholder certificate), there is no identifying information in
that certificate of any value to anyone but you, the issuer. However,
that's plenty. If that keyholder defrauds someone, you have his information
on file and can provide that to police. However, a SET cardholder
(authorization) certificate gives the verifier the information he needs:
that the keyholder has been blessed by a certain financial institution for
transactions with a certain credit card.
>And when any two organizations decide to cross-certify, they will
>perform checks on each other which should result in uniquely identified
>CAs (if I have cross-certified with Joe's CA Shop, and you have too, I
>will likely either check that they are the same CA, or restrict the
>validity of the cross-certificate I issued to you so that it can't be
>used to get to "your" Joe).
As far as I can tell, cross-certification is a side-effect of X.509 ala PEM
and does not show up explicitly in the SPKI lectionary. Do you see some
special place for that concept, aside from X.509 or PEM peculiarities?
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
-----END PGP SIGNATURE-----