[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The role of trust in certification

Ed Gerck says:
> Suppose we would paraphrase Augustine of Hippo (Ts. 132) and would
> discuss: "whether certificates are trustful because they certify, or
> certify because they are trustful.". Then, like him, we might give the
> "doubtless reply" that they certify because they are trustful. 


> Thus, for certificates, "trust is relative to the user" and "certificates
> are trustful because they certify" -- not the other way around. 

Respectfully disagree. Since I chose to "trust" the given CA, certificates
issued by it are "trustful" and thus "certify" - "not the other way around".

>  In any certification system, what makes a certificate trustworthy is not
>  any magically infused trust from the certificate's issuer (eg, the CA). 
>  Rather, a certificate is trustworthy as decided by the user (ie, the
>  party that relies on the information -- who is at risk), based on the
>  trust the user decides to place in the certificate's issuer and as a
>  function of perceived risks, costs, threats, situation, etc. 

If a user "doesn't trust" a given CA, there's no reason why certificates
issued by it would "certify" anything to him.

On the other hand, if a user "trusts" this CA, I can't see how this user
would do other than accept that any certificate from this CA "certifies"
and it "trustful".

Certificate merely tells: "...and what it says is true - I attest to it."

A question might be - what exactly do the certificates "certify"? 
Identities? If so - how much of it? Is it "Joe Shmoe"? Or "Joe
Shmoe who lives at ..."? Or "Joe Shmoe who lives at..., works
at ... and has been paying his loans well till now"?

Because I may well "trust" that the person behind that certified key
indeed is Joe Shmoe - but unless I already have a policy installed
that tells me precisely what Joe Shmoe is allowed to do (or to
receive from me), just "knowing" the identity gives me little.
I need more [certified] information...

Now, what were we talking about? (:-)
Uri		uri@watson.ibm.com

Follow-Ups: References: