[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is privateKeyUsagePeriod deprecated?

To: Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx>
Subject: Re: Why is privateKeyUsagePeriod deprecated?
From: "David A. Cooper" <david.cooper@xxxxxxxx>
Date: Mon, 21 Jul 2003 11:03:02 -0400
Cc: ietf-pkix@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030630

Peter Gutmann wrote:

PKIX disallows (strongly) this extension, but without giving any reason for
it:

 This extension SHOULD NOT be used within the Internet PKI.  CAs conforming
 to this profile MUST NOT generate certificates that include a critical
 private key usage period extension.

I've now run into several PKI users (including fairly large ones like
government departments and large corporations) who resort to ignoring the cert
expiry date in order to get around this restriction, since they have a
requirement to validate signatures long after use of the private key has been
discontinued.  Is there any reason for this extension being disallowed (I'm
sure I've asked that before, but don't remember getting a satisfactory reply)?
What are you supposed to do in its absence?

Peter,

It is my understanding that use of this extension was deprecated since, unless signed messages are timestamped by a trusted time stamping service, there is no way of determining when a message was signed. Without this ability, the relying party can not verify that the signature was created before the end of the private key usage period, if the signature is being verified after the end of the private key usage period. If relying parties can not make use of the information, then there is no reason to include it in the certificate.

Of course, there is no reason that one can not discontinue use of a private key before the expiration of the corresponding certificate even if there is no indication in the certificate of when use of the private key is supposed to end. Is there any reason that the PKI users you mention need to include this information in the certificate? If there is a need to verify signatures for up to 7 years after the signature was generated, why not just institute a policy that all subscribers must rekey 7 years before the expiration of their certificates? Why does the private key usage period need to be specified in the certificate (except perhaps indirectly by mentioning it in the certificate policy)?

Dave

Follow-Ups:
- Re: Why is privateKeyUsagePeriod deprecated?
  - From: David Chadwick

References:
- Why is privateKeyUsagePeriod deprecated?
  - From: Peter Gutmann

Prev by Date: Why is privateKeyUsagePeriod deprecated?
Next by Date: Re: Issues in LDAP schema IDs
Previous by thread: Why is privateKeyUsagePeriod deprecated?
Next by thread: Re: Why is privateKeyUsagePeriod deprecated?
Index(es):
- Date
- Thread