[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Subject signing redux (was: Re: Mary is Mary)

To: "David P. Kemp" <dpkemp@missi.ncsc.mil>
Subject: Re: Subject signing redux (was: Re: Mary is Mary)
From: Marc Branchaud <marcnarc@xcert.com>
Date: Wed, 25 Jun 1997 11:23:27 -0700 (PDT)
Cc: spki@c2.net
In-Reply-To: <199706251415.KAA02626@argon.ncsc.mil>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 25 Jun 1997, David P. Kemp wrote:
> 
> I hate to beat a dead horse, but this again comes down to the premise
> that the verifier is central.  It's given lip service, but seems to be
> forgotten every so often.
> 
> Mary = subject.
> Jon = issuer.
> Ed = verifier.
> 
> Ed wants to know if Mary is a lawyer.
> Jon says Mary is a lawyer.  
> 
> Ed either trusts Jon or he doesn't.  If he trusts Jon, and Jon lied,
> then Ed has the basis for a lawsuit against Jon, not against Mary.
> Mary doesn't have to countersign anything.
> 

Thanks for re-stating that, David.  It's a matter of who is supposed to
take responsibility for a certificate.  In the above situation, who's to
blame?  Jon lied about Mary, and Ed believed the lie.

To bring things back to subject-signed certification, let's look at this
both ways.  First, using subject-signed certs, Jon and Mary would both
claim that Mary is Jon's lawyer.  Ed could see that claim just by reading
the cert.  Either the claim is true, or Jon & Mary are both lying.  In the
event of fraud, it's easy to point a finger at both of them.

Without subject-signed certs, Jon is the only one making the claim.  Ed
can either believe that claim blindly, or he can try to contact Mary and
ask her about it.  Whatever Mary does, it's still easy to point a finger
if a fraud is revealed.  Either Mary said she's Jon's lawyer (her and Jon
are in cahoots) or she said she isn't (which means that Jon lied).

There's no extra security gained, but the subject-signing model is more
complicated: both signatures on the cert have to be verified each time
it's used, and Mary has to police every cert that's issued about her.

In a way, subject-signing changes the paradigm greatly.  Who's really 
issuing the cert?

We can explore these ideas, or we can keep calling it SPKI...

		Marc

+------------------------------------------------------------------------+
 Marc Branchaud                                       \/
 Chief PKI Architect                                  /\CERT SOFTWARE INC.
 marcnarc@xcert.com        PKI References page:              www.xcert.com
 604-640-6210x227      www.xcert.com/~marcnarc/PKI/
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBM7FiIFrdFXNdDxPlAQH7zAL/XDCuEROd7TUnVPZSVqPi4QygBQYSZGLT
LcBbw8/YoitMjIHimUKmn8jiIF0VqLH6lCHv5deeSA43i6XCihpdAoJIzlJphxrd
HIhy6Ew2IAMrfTLSQIAWiXwkOCmH3pAo
=WlmQ
-----END PGP SIGNATURE-----

References:

Re: Subject signing redux (was: Re: Mary is Mary)

From: dpkemp@missi.ncsc.mil (David P. Kemp)

Prev by Date: Re: Subject signing redux (was: Re: Mary is Mary)
Next by Date: Re: Subject signing redux (was: Re: Mary is Mary)
Prev by thread: Re: Subject signing redux (was: Re: Mary is Mary)
Next by thread: Re: Subject signing redux (was: Re: Mary is Mary)
Index(es):
- Main
- Thread