RE: Self-signed root transport and CA expiration

[Edward Russell <erussell@xxxxxxx>]

Ned Smith (nsmith@ibeam.jf.intel.com) said on 11/19/96

|||
|||Have you considered the possibility of including the issuer public key in
|||the subject's certificate? That way every certificate is a self-signed
|||cert.
|||Users(applications) that become reasonably familiar with any particular
|||public key - and therefore trust it implicitly could choose not to verify to
|||the root to obtain a self-signed cert.

To which Ed Russell replies

"Familiar with any particular public key" - How would I know whether it is
the public key I am familiar with other than comparing the key itself or
its fingerprint if you included that too with every CA public key I have 
in my local store (or the set I am "familiar" with).

Whether I check the signature of a certificate with a public key included in
that certificate or with the public key in a certificate accompanying the message,
I still have to make sure that the key claiming to be the CA key is in fact
the same key that I think is the CA key.

Once I have accomplished that I have to make sure the CA key is valid in the chain.
I either do that by chasing it to the root, or flagging it as one I am "familiar" with.
However the familiarity bit must be 1. secured from being flipped without my knowledge
and 2. periodically rechecked since higher level CA certs may expire (I guess they are 
still valid in that case anyway) or even put onto a CRL 
("Bribery Discovered at XYZ Cert Authority!!! - all certs suspect!")




Edward Russell
erussell@ftp.com