[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Comments on SPKI draft of 25 March 1997
Re Question 1: Should it be required that all certificates be signed by the
subject, when the subject is (or reduces to) a key?
I am against requiring that the subject sign any certificates he receives.
If someone delegates to my key authority that I don't want and don't
know about (e.g. to open the floodgates) and then I lose my secret key
and someone opens the floodgates, am I legally liable? I doubt it, unless
it can be proven that I lost my key intentionally for this purpose. Having
my signature in court might help determine liability, but I don't see what
else it is good for.
I think we should stay away from requirements that are there to
satisfy lawyers or allocate liability, and just have requirements that
we think are necessary to build secure systems.
I don't see the "secure systems" argument for having subject signatures on
any certificates. Is there one?
Ron Rivest
Follow-Ups: