[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Thin PKI won - You lost

To: Anders Rundgren <anders.rundgren@xxxxxxxxx>
Subject: Re: Thin PKI won - You lost
From: Camillo Särs <Camillo.Sars@xxxxxxxxxxxx>
Date: Fri, 15 Dec 2000 14:46:17 +0200
Cc: PKIX-List <ietf-pkix@xxxxxxx>
Organization: F-Secure Corporation
References: <>

Hi Anders,

(Cc: to PKIX - feel free to disregard this message if it conflicts too
badly with your beliefs.)

Anders Rundgren wrote:
> The concept in a nutshell: When you engage in inter-organizational 
> activities you let an "organization server" vouch for its employees 
> (clients) by signing (AC-like) credentials on the fly for
> authentication, and signing outgoing transactions on the clients 
> request. All this without using any direct PKI-based "connection" 
> between the client and the RP.   BTW, the client does not even have to
> use PKI!

This is beginning to sound familiar, although you are still relying heavily
on the "on-line trusted party" role.  Which is fine in some cases, but not
generally applicable nor stricly speaking always necessary.

> You claimed that this was a bad idea, while I claimed that this is "the 
> future for PKI".
["You" refers to Stephen Kent]
> 
> After reading the S2ML-draft 0.7a I can inform you that this 
> specification, which is supported by VeriSign, RSA etc. use exactly this 
> scheme for authentications and authorizations.  And so does BTW VISA's 
> coming 3D-SSL payment solution as well.
> 
>                                  Any comments? :-) :-)

Add a few features:
- Ability to generate limited-authority certificates beforehand for limited
periods of time.  E.g. "PP can buy pens today".
- Ability to optionally delegate the rights.
- Ability to restrict rights during delegation.

and what you effectively have is very close the semantics of SPKI.

> My guess is that this will in a couple of years, smash quite a few 
> PKI-projects into pieces!
> 
> For those who are engaged in federal or national PKIs, and Bridge-CAs 
> etc.:
> 
>                    === You are very likely to be on the wrong track! ===

I tend to agree with you.  For most on-line transactions, the concept of
"identity" is fairly irrelevant - the real issue for the relying party is
the authorization to perform an action.  Once the high-level legal trust
relationships exist [Read: "If you cheat, we will sue you out of
business."], the remaining issues are mostly about transferring
authorization - delegation - and avoiding fraud by the users.

On a side track, current "Qualified Identity Certificate" systems are very
vulnerable to private key exposure and require highly trusted terminals. 
Windows-based PCs are not such trusted terminals, regardless of how many
smart cards you buy.  This issue is usually not discussed at all, which I
find very alarming.

In certificate systems where authorizations are higly granular, atomic and
limited, the risk introduced by improper use of a private key or the
compromise of the signing system is significantly smaller.  As a matter of
fact, I believe this is the only way we can ever make PKI-based eCommerce
work outside laboratories.

Regards,
Camillo Särs
-- 
Camillo Särs <Camillo.Sars@F-Secure.com>       http://www.iki.fi/ged/
Security Researcher, F-Secure Corporation      http://www.F-Secure.com
    *** My office phone number has changed to +358 9 2520 5554 ***
   F-Secure products: Securing the Mobile, Distributed Enterprise

Follow-Ups:
- S2ML, Thin PKI and SPKI
  - From: Anders Rundgren

References:
- Thin PKI won - You lost
  - From: Anders Rundgren

Prev by Date: Thin PKI won - You lost
Next by Date: S2ML, Thin PKI and SPKI
Previous by thread: Thin PKI won - You lost
Next by thread: S2ML, Thin PKI and SPKI
Index(es):
- Date
- Thread