
Re: Authentication vs. binding signature, and ephemeral vs. permanent key u: msg#00280

ietf.x509

Subject: Re: Authentication vs. binding signature, and ephemeral vs. permanent key usage

All,

I agree that it would be wrong to focus on changing the X.509 standard.
I believe that it supplies all definitions needed at this point.

My main concern is how we define distinguishing properties for
non-repudiation to clearly separate it from the DS bit. Failing this may
lead to misuse of exclusive non-repudiation keys due to different
interpretations.

The current "protects against the signing entity falsely denying some action"
doesn't seem to be much of a distinguishing property. This can be valid for
almost all digital signature based services.

I would like to add (as I stated before) "which requires the signing
entity's conscious acceptance of the signed message content".

Why?
Since this is the only rationale raised for separating keys for DS and NR.
That is, the concern that it would be unfit to use a NR key for unconscious
and automatic authentication mechanisms where the signing entity doesn't
see and accept what he is signing with his key, since this would lower the
evidential value of NR signatures in court.

I would like to see some pros or cons for this suggestion.
Are there any opinions about this out there?
Should we push this before the PKIX draft goes into an RFC or should we
drop it?

/Stefan


At 03:51 PM 8/18/98 -0400, Simonetti David wrote:
>Bob,
>
>I can see your point for authentication vs. binding signature, but since
>we're basing this work on X.509, I see no reason for discussing new key
>usage elements unless someone is interested in generating a defect report
>for X.509, and I don't recommend that.
>
>I've put forth the recommendation to use digitalSignature usage for
>ephemeral, session-oriented authentication applications, but I truly
>wonder if such an application exists. I thought it might apply to
>SSL/TLS-like protocols, but PKIX-1 defines extended key usages for TLS.
>I wouldn't be surprised to see new extended key usages for the IPSec
>protocols. Is there an application that would look for a
>digitalSignature bit as defined by the profiles?
>
>Dave S.
>
>Bob Jueneman wrote:
>>

-------------------------------------------------------------------
Stefan Santesson <stefan@xxxxxxxxxxx>
Accurata Systemsäkerhet AB
Lotsgatan 27 D                  Tel.    +46-40 152211
216 42 Malmö                    Fax.    +46-40 150790
Sweden                          Mobile  +46-70 5247799

PGP fingerprint: 89BC 6C79 5B3D 591B 8547 1512 7D11 DBF4 528F 29A0
-------------------------------------------------------------------
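The distinguishing property Stefan proposes above, turned into a relying-party check. This is an added example and not code from the original message, from the X.509 text or from the PKIX draft: a pure-Python decoder for the DER-encoded KeyUsage BIT STRING, plus a hypothetical policy function `permitted` that refuses to drive automatic, unattended authentication (a TLS-style or challenge/response signature the signer never sees) from a key that lacks the digitalSignature bit, and only makes a nonRepudiation signature once the signer has explicitly acknowledged the content. The optional `strict` flag is the stronger reading, where a key carrying nonRepudiation is never used for automatic authentication at all, even if it also carries digitalSignature. Bit positions are those of X.509 / RFC 2459; RFC 5280 later renamed bit 1 from nonRepudiation to contentCommitment without moving it. The sample KeyUsage values are constructed inline, not taken from any real certificate.

```python
"""Decode an X.509 KeyUsage BIT STRING and apply the DS/NR separation
discussed in the thread.

Added example, not from the original message: stdlib-only DER decoding
plus a hypothetical policy ("permitted") that encodes the proposed
distinguishing property for nonRepudiation keys.
"""

# Bit positions from X.509 / RFC 2459 KeyUsage. RFC 5280 later renamed
# nonRepudiation (bit 1) to contentCommitment; the position is unchanged.
KEY_USAGE_BITS = {
    0: "digitalSignature",
    1: "nonRepudiation",
    2: "keyEncipherment",
    3: "dataEncipherment",
    4: "keyAgreement",
    5: "keyCertSign",
    6: "cRLSign",
    7: "encipherOnly",
    8: "decipherOnly",
}


def decode_key_usage(der: bytes) -> set:
    """Decode a DER KeyUsage value (a BIT STRING) into a set of bit names.

    Layout: 0x03 tag, short-form length, one byte giving the number of
    unused trailing bits, then the bit bytes with bit 0 in the MSB of the
    first byte. KeyUsage never exceeds two bit bytes, so short-form length
    is all that is needed.
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("bad BIT STRING length")
    unused, body = der[2], der[3:]
    if unused > 7 or (not body and unused != 0):
        raise ValueError("bad unused-bits count")
    names = set()
    for i in range(len(body) * 8 - unused):
        byte, offset = divmod(i, 8)
        if body[byte] & (0x80 >> offset):
            names.add(KEY_USAGE_BITS.get(i, f"bit{i}"))
    return names


# Hypothetical operation names for this example. The first is the
# "unconscious" use from the thread: the signer never sees the bytes signed.
AUTOMATIC_AUTH = "automatic-authentication"   # challenge/response, handshake
COMMITTED_SIGNATURE = "content-commitment"    # signer has seen and accepted it


def permitted(key_usage: set, operation: str, user_acknowledged: bool,
              strict: bool = False) -> bool:
    """Hypothetical policy applying the proposed separation of DS and NR.

    - Automatic authentication requires digitalSignature, so an exclusive
      NR key is never used for it. With strict=True any key carrying
      nonRepudiation is refused for it as well, to keep the NR key's
      evidential value intact.
    - A content-committing signature requires nonRepudiation and an
      explicit acknowledgement of the content by the signer.
    """
    if operation == AUTOMATIC_AUTH:
        if "digitalSignature" not in key_usage:
            return False
        return not (strict and "nonRepudiation" in key_usage)
    if operation == COMMITTED_SIGNATURE:
        return "nonRepudiation" in key_usage and user_acknowledged
    raise ValueError(f"unknown operation {operation!r}")


# Constructed sample KeyUsage values (DER), not taken from any real cert.
SAMPLES = {
    "auth-key":       bytes.fromhex("03020780"),  # digitalSignature only
    "nr-only-key":    bytes.fromhex("03020640"),  # nonRepudiation only
    "combined-key":   bytes.fromhex("030206c0"),  # digitalSignature + nonRepudiation
    "tls-server-key": bytes.fromhex("030205a0"),  # digitalSignature + keyEncipherment
}


def classify_samples() -> dict:
    """Decode each sample and record what the policy lets it do."""
    out = {}
    for name, der in SAMPLES.items():
        ku = decode_key_usage(der)
        out[name] = {
            "bits": sorted(ku),
            "auto_auth": permitted(ku, AUTOMATIC_AUTH, False),
            "auto_auth_strict": permitted(ku, AUTOMATIC_AUTH, False, strict=True),
            "commit_unacked": permitted(ku, COMMITTED_SIGNATURE, False),
            "commit_acked": permitted(ku, COMMITTED_SIGNATURE, True),
        }
    return out


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(name, verdict)
```

The point of the `user_acknowledged` parameter is that the NR property cannot be established by the certificate alone: the signing application has to supply the "conscious acceptance" step, so a relying party can only enforce it at the moment the key is used, not when the certificate is validated.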


