
Re: German Law and OCSP



Michael,

Thanks for attempting to answer the question. However, the right
explanation is not contained in this E-mail where it is said: "user
certificates must remain valid if a CA loses the license", but in
the other E-mail sent to Hans Nilsson where it is said:

"The german law requires that user certificates must be valid, even
if the CA key has been corrupted."

This sentence does not appear in the extracts you provide below:

1) The first sentence of §13 (5) does not address the case of CA key
compromise.

2) The second sentence of §13 (5) orders invalidation of
certificates which is in contradiction with maintaining the validity
of certificates, even if the CA key has been corrupted.

3) The sentence of §8(3) talks about invalidation, not maintaining
the validity of the certificate.

The fact that by §13(5) user certificates must remain valid if a CA
loses the license, does not mean that the CA key is compromised. A
CA may lose its license without any key compromission.

The idea is nevertheless to consider the way to handle the case of
CA key compromission. 

The basic question is whether there is a need to modify RFC 2459 to
handle CA key compromission. If there is such a need, this cannot be
interpreted from this text.

Denis


> Hello Denis and all,
> 
> Denis Pinkas wrote:
> > Besides the wording, the question was to understand the rationale of
> > the model. The question is still pending ...
> 
> The standard X.509 model does not satisfy the requirements of the German
> law. So there was a need for a new model. The important paragraphs are:
> 
> §13(5): "The validity of the certificates issued by a certification
>          authority shall remain unaffected by the withdrawal or
>          revocation of a licence. The competent authority may order the
>          invalidation of certificates when facts warrant the assumption
>          that certificates have been forged or are not adequately
>          protected against forgery or when technical components
>          used for the signature keys reveal security flaws enabling
>          digital signatures to be forged or signed data to be
>          manipulated without detection."
> 
> §8(3):  "The competent authority shall invalidate certificates which it has
>          issued according to §4(5) when a certification authority
>          ceases operation or its licence is withdrawn or revoked."
> 
> Assume a CA loses its license, for example because it has lost its money.
> According to §8(3) the competent authority (= the German root CA)
> must revoke the certificate.
> 
> By §13(5) user certificates must remain valid if a CA loses the license.
> 
> So we have a revoked CA certificate and valid user certificates.
> This case cannot be handled by the standard X.509 model.
> 
> ---
> 
> The SigG model is an easy and effective model.
> Assume a two level hierarchy:
>         root CA
>         CA
>         users
> 
> 1. Now Alice wants to verify 10000 digital signatures
>    with respect to the standard model.
>    She decides that she needs online verification of certificates.
>    For the first signature she must ask her online service three times:
>      to verify the user certificate
>      to verify the CA certificate
>      to verify the root certificate
>    So for 10000 verifications she needs 30000 requests.
> 
> 2. On the other side, Bob verifies the same amount of signatures
>    by the SigG model.
>    He first verifies the CA and the root CA certificates.
>    He can store the results and reuse them in the future.
>    So for 10000 verifications Bob needs 10002 requests.
> 
> ---
> 
> A standard X.509 directory service may be joined with the German signature law.
> Alice asks this service for the certificate of Bob.
> The service answers by sending Bob's certificate
> (if Bob has allowed this).
> The certificate is signed by the CA, like always,
> but it has no extra signature.
> The meaning of the answer is:
>   Alice, this is Bob's certificate. It may be valid
>   or not. If you want to know the exact status,
>   ask the validation service.
> 
> If we replace the words "validation service" by "OCSP"
> then this is exactly the meaning we have in the standard model.
> 
> Greetings,
> Michael
> 
> ---
> 
> Michael Herfert
> GMD - German National Research Center for Information Technology
> Darmstadt
> Germany
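As an added illustration, not part of either e-mail above, here is a small Python model of the two verification models Michael compares: the standard X.509 path check, where every certificate on the path is queried for every signature, and the SigG-style model, where the CA and root status are fetched once and reused while the user certificate's validity is asserted on its own. The certificate names, the `StatusService` class, the `verify_standard`/`verify_sigg` functions and the request counting are all constructed for this example; the numbers reproduce the 30000 versus 10002 requests from Michael's message and the "revoked CA certificate, valid user certificates" case from the thread.

```python
# Constructed toy model (not code from the thread): compares the standard
# X.509 chain check with the SigG-style model described in the e-mail.
from dataclasses import dataclass


@dataclass
class Cert:
    subject: str
    issuer: str
    revoked: bool = False


class StatusService:
    """Stand-in for an online status service such as OCSP.

    Every status request is counted so the two models can be compared."""

    def __init__(self, certs):
        self.certs = {c.subject: c for c in certs}
        self.requests = 0

    def status(self, subject):
        self.requests += 1
        return "revoked" if self.certs[subject].revoked else "good"


def verify_standard(chain, service):
    """Standard X.509 model: every certificate on the path is checked for
    each signature, and a revoked certificate anywhere on the path makes
    the user certificate unusable (the check stops at the first failure)."""
    return all(service.status(cert.subject) == "good" for cert in chain)


def verify_sigg(chain, service, cache):
    """SigG-style model as described in the thread: the CA and root status
    are requested once and then reused from the cache; the user certificate's
    validity is asserted independently of the CA certificate (§13(5)), so
    only its own status decides the result."""
    user, *upper = chain
    for cert in upper:
        if cert.subject not in cache:
            cache[cert.subject] = service.status(cert.subject)
    return service.status(user.subject) == "good"


def simulate(n_signatures, ca_revoked=False):
    """Verify n_signatures signatures made under one user certificate with
    both models and report request counts and outcomes for each."""
    root = Cert("root", "root")
    ca = Cert("ca", "root", revoked=ca_revoked)
    user = Cert("bob", "ca")
    chain = [user, ca, root]  # end entity first, as a verifier walks it

    # List comprehensions (not generators) so every verification really runs
    # and is counted, even after an earlier one has failed.
    std = StatusService([root, ca, user])
    std_ok = all([verify_standard(chain, std) for _ in range(n_signatures)])

    sigg = StatusService([root, ca, user])
    cache = {}
    sigg_ok = all([verify_sigg(chain, sigg, cache) for _ in range(n_signatures)])

    return {
        "standard_requests": std.requests,
        "standard_valid": std_ok,
        "sigg_requests": sigg.requests,
        "sigg_valid": sigg_ok,
    }


if __name__ == "__main__":
    print(simulate(10000))                   # Alice: 30000 requests, Bob: 10002
    print(simulate(10000, ca_revoked=True))  # CA licence withdrawn: standard fails, SigG still valid
```

The cache is also where Denis's objection bites: in this model a cached "good" answer for the CA keeps being reused, so a later compromise of the CA key (as opposed to a withdrawn licence) is not seen by the SigG verifier until the cached entry is refreshed. A deployment of such a model therefore needs a bounded lifetime for cached CA and root results, tied to the validity period of the status answer, rather than the unbounded reuse shown here.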