[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: legal question about certs

On Wed, 25 Jun 1997, Bob Jueneman wrote:

-> snip,  agreed and coincides with my previous arguments>
-> \Unfortunately, the argument is circular.  If you are concerned about a
-> rogue CA issuing a certificate to someone who never heard of that CA, that
-> CA could invent whatever public/private key pair they wished, and embed that
-> key in the certificate they are issuing!

The message was mostly excellent, but the point above needs a comment,
because it is not true. Without digressing too much, if you contact a
party and that party presents a cert to you saying he is David, there are
actually TWO questions you must answer, sequentially:

1. who is David?
2. is the party David?

The first question is cognition, the second is recognition. 

To answer the first question you need to use the trust model YOU choose to
accept, for instance a CA. Suppose you do that and you get the rogue CA
cert you mention an *suppose* you decide to trust that CA.

You still need to go through the second question, which does not depend on
the trust model but depends on cryptography. That is, David must prove
posession of the private-key that is a pair to the public-key the cert
says he has. So, the rogue cert would not pass as a cert for David.

Actually, it is the second question that still holds CAs in business,
otherwise a CA is pure snake-oil.


Ed Gerck

Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533