[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Subject signing redux (was: Re: Mary is Mary)


At 10:24 AM 6/27/97 -0400, David P. Kemp wrote:
>> 2. The attack: 
>> The attack is "framing Mary".
>>   [...]

>In the entire following discussion, I have not seen any technical arguments
>to support the notion that there is an engineering solution to the framing
>attack.  In particular, there has been no response to the points raised
>by Jim McCoy and Steve Bellovin:
>> From: Steven Bellovin <smb@research.att.com>
>> After all, I could claim that that wasn't my certificate, but one they
>> concocted out of whole cloth.
>Please explain, in the simplest possible terms, how subject-signed
>certificates prevent the "framing Mary" attack.
>  1) Jon wants to frame Mary. He issues a cert to his accomplice Mallet:
>     Mallet's sig [
>       Jon's sig { Subject=Mary, PubKey=1234, Auth="I am a lawyer" }
>     ]
>  2) Mallet uses the cert to conduct a legal transaction in Mary's name.
>  3) Steve McGarret confronts Mary: "You've been practicing law without
>     a license"
>  4) Mary says: "But I don't have the private key to that cert.  Honest.
>     I *swear*."
>  5) McGarret:  "Book her, Danno."
>  How subject-signing allows Mary to *prove* that her name was used
>  without her authorization.


	I fear you've fallen into the trap of believing the X.509 thinking.  We never 
claimed to tie something to Mary through her name.  No one can hope to convince 
anyone that Mary is involved merely because there is a cert with SDSI name Mary 
tied to some key, which key is then tied to something bad.  A principal in 
SPKI/SDSI is a key.  The holder of the private key is the person we care about 
by definition.  We don't often know any name for that person, other than 
(keyholder (K)).  If the private key has signed a receipt for a cert, then in 
fact the indicated person (namely "(keyholder (K))") has accepted the cert.

	If you also want to map from (K) to (keyholder (K)) -- ie., from the key space 
to the person in 3D space, you need one of those other certificates (e.g., a 
donation cert or a subpoena cert) I was talking about before this all started.

 - Carl

Version: PGP for Personal Privacy 5.0
Charset: noconv


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |