Re: [E-CARM] PKI, CAs, TTPs &c.
At 07:56 AM 3/27/98 +1000, LITTLER, Ian wrote:
>
>Let's think about why compromise of a root key is bad. It allows you to
>create entities which are not bona fide and commit all sorts of fraud
>(and if you know it's compromised then all issued certificates are
>invalid). If instead you keep a list of public keys in a secure
>environment then there are also risks, while it could be argued that
>they are less. If someone was able to steal the secret key in the first
>scenario then it must also be possible for them to break in and insert
>new public keys in the list and commit fraud that way. What you have
>lost is the flexibility which a certificate offers. i.e. use in a
>distributed manner.
Of course. However, you can't get away from the ACL entry at the left end
of the verification chain. Some trusted memory in the verifier has to
empower the left-most (some call it "root") key in the certificate chain,
when you use certificates.
All we do with direct ACL entries for end users is avoid certificates where
we don't need that flexibility. For example, the keys for getting access
through a small company firewall might be few enough in number to make
certificate issuance all pain and no benefit. By contrast, the keys to get
through a firewall allowing people to go from Internet to Milnet would be so
many in number, with so many different responsible agencies, that you'd
definitely want those authorizations delegated via certificate.
- Carl
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
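Added example, not part of the original message or of any project it mentions: a verifier whose trusted memory is an ACL of (public key, authorization) pairs, where a direct end-user entry is simply a certificate chain of length zero and a delegated authorization is a chain whose left-most issuer must itself be an ACL entry. The certificate fields, the `firewall`/`milnet` tags, the key names and the toy textbook RSA built from Mersenne primes are all assumptions made for illustration; the RSA here is not secure, and proof that the requester holds the private key is left out.

```python
import hashlib

E = 65537
M = [2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1]  # Mersenne primes

def keypair(p, q):
    """Toy textbook RSA (constructed, trivially factorable): illustration only."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(body, n):
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % n

def issue(issuer, subject_n, tag):
    """The issuer key delegates authorization `tag` to the subject public key."""
    body = f"{subject_n}|{tag}".encode()
    sig = pow(_digest(body, issuer["n"]), issuer["d"], issuer["n"])
    return {"issuer": issuer["n"], "subject": subject_n, "tag": tag, "sig": sig}

def cert_ok(cert):
    """Check the certificate's signature under the issuer key it names."""
    body = f"{cert['subject']}|{cert['tag']}".encode()
    n = cert["issuer"]
    return pow(cert["sig"], E, n) == _digest(body, n)

def authorized(acl, requester_n, tag, chain=()):
    """acl is the verifier's trusted memory: a set of (public key, tag) pairs."""
    holder = chain[0]["issuer"] if chain else requester_n
    if (holder, tag) not in acl:  # the left end must be an ACL entry
        return False
    for cert in chain:
        if cert["issuer"] != holder or cert["tag"] != tag or not cert_ok(cert):
            return False
        holder = cert["subject"]  # authorization passes to the subject key
    return holder == requester_n

# Constructed sample keys: alice sits directly in the ACL, bob is reached by delegation.
alice, agency, dept, bob, rogue = (
    keypair(M[i], M[j]) for i, j in [(0, 1), (0, 2), (0, 3), (1, 2), (1, 3)])
ACL = {(alice["n"], "firewall"), (agency["n"], "milnet")}
CHAIN = [issue(agency, dept["n"], "milnet"), issue(dept, bob["n"], "milnet")]

if __name__ == "__main__":
    print(authorized(ACL, alice["n"], "firewall"))       # direct ACL entry
    print(authorized(ACL, bob["n"], "milnet", CHAIN))    # delegated via chain
    print(authorized(ACL, bob["n"], "milnet",
                     [issue(rogue, bob["n"], "milnet")]))  # root not in ACL
```

In both cases the decision rests on the contents of `ACL`, so the integrity of that set needs protecting whether or not certificates are used.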