[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: X.509 ACs vs. SPKI?
At 11:00 PM 5/26/99 +0200, Niels Möller wrote:
>But to "happen" to independently regenerate somebody elses _private_
>key is hard, as its equivalent to successfully breaking the public
>key, by guessing. And if you somehow manage to generate/guess the
>other person's key, we have some vastly more serious problems than
>non-uniqueness of identifiers.
>
>And the usual procedure is to consider that possiblity as small enough
>to be safely neglected.
>
>Or am I missing something?
>
>Regards,
>/Niels
No, you got it right. I should have used (exceptional!) instead of
(exceptional?) but I suppose there are other avenues of attack.
If someone actually stole your secret key, they might have a new
cert produced with alternate attributes. Thus keys (and key-hashes)
would be identical, yet the certs (and cert-hashes) differ.
The central issue of the posting was in the second paragraph.
Namely, (even given key-pair uniqueness) how far can one get
when the verifying party sees only the (authenticated) hash of
another key, rather than the authenticated hash of a certificate.
My (tentative) answer for SPKI was that key-hash is sufficient,
given that the verifier is the issuer, and is presumed to have
the corresponding (unique) certificate in hand already.
___tony___
Tony Bartoletti LL
Center for Information Operations and Assurance LL LL
Lawrence Livermore National Laboratory LL LL LL
PO Box 808, L - 303 LL LL LL
Livermore, CA 94551-9900 LL LL LLLLLLLL
phone: 925-422-3881 fax: 925-423-8002 LL LLLLLLLL
email: azb@llnl.gov LLLLLLLL
Follow-Ups:
References: