
Re: Authentication vs. binding signature, and ephemeral vs. permanent key : msg#00330

ietf.x509

Subject: Re: Authentication vs. binding signature, and ephemeral vs. permanent key usage

Aram,

Aram Perez wrote:
<snip>
> What do you mean by "any CA that you contract with"? Today I can go to
> VeriSign and for either $10 (class 1) or $20 (class 2) per year, I can get a
> certificate. When I get the certificate, did I "contract with VeriSign"? And
> if I did, how can I tell Verisign to set the NR bit? It's not on any of the
> sign-up forms that I have seen.

Please see Verisign's Enterprise Solutions for business class
alternatives to Class 1 and Class 2 certificates.

> I agree that we are discussing public key certificates here. But my original
> question was "How is the use of the public key in the certificate related to
> the use (or misuse) of the corresponding private key?" Assuming that
> "non-repudiation" is a service, how can a CA offer that service when it has no
> control over the use (or misuse) of the private key?

A single bit in a certificate is never enough to convey non-repudiation
of the private key. True non-repudiation can only be conveyed through
certificate policy. The key usage bits provide a way of determining
whether the key pair is being used in a manner consistent with what was
intended by the CA upon certification. They are not, and never have
been, intended as a method to convey policy.

>
> Regards,
> Aram Perez
> Apple Computer, Inc.

--
David Simonetti, Booz·Allen & Hamilton Inc.
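
The consistency check that the reply above attributes to the key usage bits, as an added example that is not part of the original message: it decodes the DER BIT STRING carried in a KeyUsage extension and tests an intended use against it. The function names and the sample byte strings are constructed for illustration; the bit names follow RFC 5280, section 4.2.1.3.

```python
# Named bits of the X.509 KeyUsage extension (RFC 5280, section 4.2.1.3).
KEY_USAGE_BITS = [
    "digitalSignature",  # bit 0
    "nonRepudiation",    # bit 1, the "NR bit" (later renamed contentCommitment)
    "keyEncipherment",   # bit 2
    "dataEncipherment",  # bit 3
    "keyAgreement",      # bit 4
    "keyCertSign",       # bit 5
    "cRLSign",           # bit 6
    "encipherOnly",      # bit 7
    "decipherOnly",      # bit 8
]


def decode_key_usage(der: bytes) -> set:
    """Decode a DER BIT STRING holding a KeyUsage value into bit names."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or length != len(der) - 2:
        raise ValueError("unsupported or inconsistent length")
    unused, payload = der[2], der[3:]
    if unused > 7 or (not payload and unused):
        raise ValueError("bad unused-bits count")
    # DER requires the unused trailing bits to be zero.
    if payload and payload[-1] & ((1 << unused) - 1):
        raise ValueError("unused bits must be zero in DER")
    names = set()
    for i, name in enumerate(KEY_USAGE_BITS):
        byte, shift = divmod(i, 8)  # bit 0 is the most significant bit of byte 0
        if byte < len(payload) and payload[byte] & (0x80 >> shift):
            names.add(name)
    return names


def use_is_consistent(der: bytes, intended_use: str) -> bool:
    """True if the certified key usage includes the intended use.

    This only answers "is the key being used as the CA intended?".
    It says nothing about policy, which lives elsewhere in the certificate.
    """
    return intended_use in decode_key_usage(der)


# Constructed sample values (not taken from any real certificate).
SIGN_AND_NR = bytes.fromhex("030206c0")  # digitalSignature + nonRepudiation
SIGN_ONLY = bytes.fromhex("03020780")    # digitalSignature only
```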


