Re: 3280 Bis and Trust Anchors

[Stephen Kent <kent@xxxxxxx>]

Title: Re: 3280 Bis and Trust Anchors

At 5:01 PM -0400 4/15/08, Santosh Chokhani wrote:

> For a long
> period of time, I used to think that checking validity period and
> revocation status of a trust anchor is useless.
>  
> While I
> still hold that view on the revocation status, my rationale for
> checking validity period has been incomplete.
>  
> It seems
> that there is a value in enforcing the validity period on a trust
> anchor.
>  
> Trust
> anchors by their very nature are insecure objects in the sense that
> they must be protected using means other than signature on them. 
> To ascribe security to PKI, one has to assume that the means to
> protect the trust anchors in relying party trust store are secure and
> can not be altered.  Thus, enforcing validity period on them
> gives the organization another means to obsolete them.  This may
> be useful capability as we transition from 1024 bit roots to 2048 bits
> and 1024 bit roots have defined validity period.
>  
> I doubt that
> X.509 and 3280bis would want to change their requirement, but I hope
> that there would be less of an objection to discuss this in the
> Security Considerations section.
>  
> Santosh
> Chokhani

Santosh,

I think your observations are valid and I would not object to including suitable text in the secruity considerations section when 3280bis is next updated.

Steve