[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 3280 Bis and Trust Anchors

To: Santosh Chokhani <SChokhani@xxxxxxxxxxxx>
Subject: Re: 3280 Bis and Trust Anchors
From: Thierry Moreau <thierry.moreau@xxxxxxxxxxxxx>
Date: Wed, 16 Apr 2008 11:59:06 -0500
Cc: pkix <ietf-pkix@xxxxxxx>
In-reply-to: <FAD1CF17F2A45B43ADE04E140BA83D484AD0F2@xxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <FAD1CF17F2A45B43ADE04E140BA83D484AD0F2@xxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)




Santosh Chokhani wrote:

For a long period of time, I used to think that checking validity periodand revocation status of a trust anchor is useless.
While I still hold that view on the revocation status, my rationale forchecking validity period has been incomplete.
It seems that there is a value in enforcing the validity period on atrust anchor.
Trust anchors by their very nature are insecure objects in the sensethat they must be protected using means other than signature on them.To ascribe security to PKI, one has to assume that the means to protectthe trust anchors in relying party trust store are secure and can not bealtered. Thus, enforcing validity period on them gives the organizationanother means to obsolete them. This may be useful capability as wetransition from 1024 bit roots to 2048 bits and 1024 bit roots havedefined validity period.
I doubt that X.509 and 3280bis would want to change their requirement,but I hope that there would be less of an objection to discuss this inthe Security Considerations section.

In other words, a PKI expert changes mind about an issue related toglobal trust dissemination in 2008. It strikes me that experts in thefield had, for so long, so little foresight in the area of trust anchorkey (TAK) management.

In the above instance, my work on this provides a clean path for asolution to the concern of TAK rollover for the purpose of increasingkey sizes. I do not feel the need to explain further since a) the PKItechnology as so many rebuttal facets, and b) I'm just fed up with theIETF standards drafting process.


Anyway, the expired draft is

draft-moreau-pkix-takrem-01.txt

Trust Anchor Key Renewal Method Applied to X.509 Self-signedCertificates (TAKREM-X.509)


Abstract

In the Internet PKI, trust anchor keys are distributed as self-signedX.509 security certificates. This document specifies a trust anchor keyrenewal mechanism that leverages the confidence in the initialcertificate distribution. A non-critical X.509 certificate extensionholds a sequence of opaque octet strings. The trust anchor renewaloperation occurs upon receipt of a message that hashes to one of thoseoctet strings.


Regards,


--

- Thierry Moreau

CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, Qc
Canada   H2M 2A1

Tel.: (514)385-5691
Fax:  (514)385-5900

web site: http://www.connotech.com
e-mail: thierry.moreau@xxxxxxxxxxxxx

Follow-Ups:
- RE: 3280 Bis and Trust Anchors
  - From: Santosh Chokhani

References:
- 3280 Bis and Trust Anchors
  - From: Santosh Chokhani

Prev by Date: Terrorize her with 9 massive inches
Next by Date: RE: 3280 Bis and Trust Anchors
Previous by thread: Re: 3280 Bis and Trust Anchors
Next by thread: RE: 3280 Bis and Trust Anchors
Index(es):
- Date
- Thread