[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Trivial PKI Question

To: <ietf-pkix@xxxxxxx>
Subject: Trivial PKI Question
From: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>
Date: Mon, 3 Mar 2003 22:44:47 +0100
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

A "TRIVIAL" PKI QUESTION
-----------------------------------

Assume that you have a business message like a purchase order

    <Order>
        <From name="Big Buyer Corp.">
            <OurRef name="John Doe"/>
        </From>
        <To name="MegaCar International"/>
        <Item>10 Medium-sized SUVs</Item>
        <Comment>Make it quick please!</Comment>
    </Order>

Now assume that "Big Buyer Corp." is an advanced organization
using digital signatures.

==============================================
Question:  How should the identity as expressed in the document
relate to the identity as expressed by the signer's certificate?
==============================================

Among the complications we find

1.  The PKI-identity is presumably "strong" as it is vouched for by a
     CA, while the identity in the business document is only "claimed"
     by the entity itself.  ==> The PKI identity is governing?

2.  The hierarchical naming system used by PKI (X.500) is completely
     different to the various naming schemes used in businesses.

3.  Some PKI-folks claim that signatures should be tied to individuals.
     Does this mean that the signer's certificate in the sample should
     identify John Doe of Big Buyer Corp.?

4.  The receivers (relying parties) are automated processes supposed
     to securely handle similar messages from numerous business parties.

5.  Current e-commerce standards like ebXML and Web Services does
     NOT address this basic question.

My own conclusion is that PKI was created to support e-mail where
these questions do not arise.  For other types of messaging, PKI in
its current shape does not scale well, or at least creates as many
new problems as it was meant to solve existing ones.

Regarding #1, I believe that most business systems ignore the PKI-
identity due to #2, #3 and #4.  Although a bit weird, the logic behind
that is that if an entity having a known key/cert is "lying", they will
sooner or later get in trouble anyway.  The drawback is that this will
be found out by a *human*, and usually only *after* a malpractice has
been performed.

A LONG-TERM REMEDY
-------------------------------

To create a foundation for more frictionless PKI-secured e-business,
I think that there *long-term* should be a one-to-one mapping between 
[basic] business message identities and certificate identities.
As the business community is never going to adopt X.500 naming, as 
well as having their own naming problems, this will likely require
changes on both sides.  A possible scheme using the currently only
globally functioning naming system (DNS/URIs), is that entities are
uniquely defined by two elements:

- A naming domain (name space) based on a URI like: "http://www.visa.com/cc";
- A local identifier in that domain like: 4555-5555-2244-8888

Although the example identified a credit-card, the scheme works for just
about any kind of object or entity.  An advantage of using HTTP URIs is
that you usually can get further information "by clicking on the link".

Anders Rundgren

Follow-Ups:
- Re: Trivial PKI Question
  - From: Stephen Kent
- RE: Trivial PKI Question
  - From: Olle Mulmo

Prev by Date: Re: RFC3161(TSP): doubts about tcp protocol
Next by Date: RE: RSA: 00: draft-ietf-pkix-rsa-pkalgs-00.txt
Previous by thread: I-D ACTION:draft-ietf-pkix-acpolicies-extn-02.txt
Next by thread: RE: Trivial PKI Question
Index(es):
- Date
- Thread