Re: German Law and OCSP
Andreas,
Thank you for attempting to provide some explanations.
> I will try to give some of the rationale behind the design of the German
> Signature Law as I understand it. You have to understand that the
> requirements were (and still are) not laid down in technical terms and
> that - of course - there are different interpretations.
>
> One basic design was the differentiation between the CA and the
> "information service". The CA issues the certificates and the
> information service - an entity that is a distinct organizational unit
> from the CA - revokes them. This can be interpreted as a technical
> realization of a division of duty which probably could have been solved
> with a requirement for the organizational procedures inside a CA.
Up to here this is fine. There are two distinct entities, each one
using its own signing key, one for issuing certificates, and another
one for revoking certificates.
What is not said is whether a relying party will trust *directly*
only the CA key or both the CA key and the Revocation Authority key.
It has deep implications, in particular if the CA key is
compromised.
> Once such a division is made technically, it was extended to the idea
> that a certificate should only be valid once it is inserted in the
> information service database.
I do not understand. To be "valid" a certificate does not (even)
have to be published. It may be given back to the user who may
decide to send it to whatever entity he wishes.
> The law mentions the information service at one point:
>
> Given that a CA ceases to operate, e.g. when being bankrupt or for what
> reason ever, the certificates are still valid (which is true, a
> revocation of the CA key is not necessary) iff the CA finds another
> trusted party that continues the operation of the information service
> and handles revocations.
It only means that there must be "some way" to indicate which
Revocation Authority will continue to keep track of revocation
information for the already issued certificates from a given CA.
There is no need for a notion of insertion of certificates in a
public database.
> Accept that this is not a technical idea we
> had, it is an idea that the lawmakers had. But I do think that it has
> some truth in it.
>
> Another point is that the compromise of a CA key may be a very seldom
> event but the potential cost, even with a disaster plan in place (anyone
> heard about one from any CA?) it may be desirable to have a simple
> technical fallback position.
For that case, there exist simple fallback solutions that do not
require the use of an "information service database". The whole
Directory model from which X.509 certificates emerged makes the
assumption that there may be a Repository and that, when this
Repository exists, it is not trusted (this is why certificates are
signed by CAs).
> And a last remark to our OCSP extension: We extended basically the "not
> revoked" case to include extension. This should not disturb other
> systems that use the "not revoked" answer in the original CRL based way.
The problem is more important than simply adding an additional
status.
Denis
> Andreas
> --
> Time is the one thing we never have enough of!
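As an added illustration of the two points debated above (Denis's remark that a compromised CA key has deep implications, and Andreas's idea that a certificate is only valid once inserted in the information service database), the toy Python model below is not from either author or from any real implementation. It simulates a relying party that trusts the CA key and a separate information-service key directly, and compares a CRL-style "not revoked means good" service with a positive-list service once the CA key has been stolen; signatures are stand-in HMACs and every key and name is constructed.

```python
import hmac
import hashlib
from dataclasses import dataclass

# Toy stand-in for a digital signature (HMAC over the message with the
# authority's private key). Only the trust relationships matter here.
def sign(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

@dataclass
class Cert:
    subject: str
    ca_sig: bytes

class InfoService:
    """Revocation authority holding its own key, distinct from the CA key."""
    def __init__(self, key: bytes, positive_list: bool):
        self.key = key
        self.positive_list = positive_list  # True: cert must be inserted first
        self.known = set()                  # certificates inserted by the CA
        self.revoked = set()

    def status(self, cert: Cert) -> tuple:
        if cert.subject in self.revoked:
            st = "revoked"
        elif self.positive_list and cert.subject not in self.known:
            st = "unknown"                  # never inserted: not valid
        else:
            st = "good"                     # CRL-style: not revoked == good
        return st, sign(self.key, cert.subject.encode() + st.encode())

def accepts(cert: Cert, ca_key: bytes, svc: InfoService, svc_key: bytes) -> bool:
    """Relying party trusting the CA key and the service key *directly*."""
    if not hmac.compare_digest(cert.ca_sig, sign(ca_key, cert.subject.encode())):
        return False
    st, sig = svc.status(cert)
    expected = sign(svc_key, cert.subject.encode() + st.encode())
    return hmac.compare_digest(sig, expected) and st == "good"

def ca_key_compromise(positive_list: bool) -> tuple:
    """(legitimate cert accepted, cert forged with the stolen CA key accepted)."""
    ca_key, svc_key = b"toy-ca-key", b"toy-info-service-key"  # constructed
    svc = InfoService(svc_key, positive_list)
    legit = Cert("alice", sign(ca_key, b"alice"))
    svc.known.add(legit.subject)            # the CA inserts it at issuance
    # The attacker holds ca_key only: a certificate can be signed, but the
    # service key cannot be used and the service never saw "mallory".
    forged = Cert("mallory", sign(ca_key, b"mallory"))
    return accepts(legit, ca_key, svc, svc_key), accepts(forged, ca_key, svc, svc_key)
```

With the CRL-style service the forged certificate is accepted because it was simply never revoked; with the positive-list service it is refused as unknown, which is the property the German design buys at the price of the insertion step Denis objects to.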