|
|
|
Re: SV: Defining Non-Repudiation: msg#00315ietf.x509
All, I agree with the gist of what most of you have stated. In general terms, we all know that the CA is responsible for catching attempts at fraudulent certificate subscription. Neither the relying party, nor the impersonated victim can assist in this prevention. We also know that the use to which a private key is put is under the control of the key-holder (subscriber). Unless I am mistaken, it is also the subscriber who has (marginal) control of the "signing software". I also believe that most signing software does not demand the presence of a valid certificate in _applying_ the key (please correct me if I am wrong). Also, the "enduring signature" (allowing validation after cert expiration) certainly required some archiving of certs and/or CRLs by someone... Finally, it is the relying party that controls the "validation software", which does (can) demand appropriate certificates be present to successfully process a signed transaction. Given all of this, the intent of the "NR" bit should be described in terms of what (pkix-compliant) software is forced to rely upon it, and with what implications. Otherwise it seems to be nothing more than an advisory, or at most, a promise of greater "due diligence" from the CA in exchange for a bigger pile of coins. I update the scenarios I gave previously, for thought: 1. Claim Fraudulent Subscription. As a criminal, I take the effort to impersonate you so well (false IDs) that I get a CA to issue a "NR" cert to me in your name, etc. Granted the CA followed their CPS to the letter, but were still fooled. In this case, what does the NR bit do for anyone (except the criminal.) 2. Claim Flawed Validity: A (possibly expired) key is used to sign a transaction where the signing date is abused. The criminal "backdates" the signature. Is this even an NR-case at all? Here, it seems it is the relying party that will want to repudiate the validity. 3. Claim Covert Compromise: Despite your best efforts, someone stole your key (or so you claim). Where, if at all, does the NR-bit affect this situation? I hope I am not coming across as obstructionist. I simply do not understand what the NR-bit is saying, and to whom it is speaking. Enlightenment welcome! ___tony___ Tony Bartoletti LL SPI-NET GURU LL LL Computer Security Technology Center LL LL LL Lawrence Livermore National Lab LL LL LL PO Box 808, L - 303 LL LL LLLLLLLL Livermore, CA 94551-9900 LL LLLLLLLL email: azb@xxxxxxxx phone: 510-422-3881 LLLLLLLL |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Authentication vs. binding signature, and ephemeral vs.permanent key usage: 00315, Aram Perez |
|---|---|
| Next by Date: | RE: Defining Non-Repudiation: 00315, Bill Brice |
| Previous by Thread: | Re: Defining Non-Repudiationi: 00315, Petra Glöckner |
| Next by Thread: | RE: Defining Non-Repudiation: 00315, Bill Brice |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
|
|
| News | FAQ | advertise |