
Re: Interpretation of KeyUsage?



> From: Lars Johansson <Lars.Johansson@psab.posten.se>
> 
> Housley, Russ wrote:
> > 
> > My opinion:
> > 
> > 1. Authentication is a 'digitalSignature' key.
> > 
> > 2. Computing digital signatures (e.g. signing legal contracts) is both a
> > 'digitalSignature' and a 'nonRepudiation' key.
> 
> This would be in line with the recommendation I received from Dennis
> Pinkas.  However, I still find it somewhat troublesome. Suppose I want
> to take part in an authentication protocol with somebody with two keys
> as described above.  Then which key do I pick? Many service providers
> may decide that a key with nonRepudiation "looks better" since then
> (they believe that) the other part can't repudiate the authentication
> protocol.
> 
> The point is that authentication and non-repudiation keys may never be
> mixed.  This could work with your suggestion as well as long as we're
> very clear what we mean with these key usages. Perhaps this definition
> would work:
> 
> 1. Authentication is a key with keyUsage 'digitalSignature' set and
>    'nonRepudiation' not set.
> 
> 2. Computing digital signatures (e.g. signing legal contracts) is a key
>    with both keyUsage 'digitalSignature' and 'nonRepudiation' set.
> 
> Notice that this definition doesn't differ from yours but it may be
> clearer.


Amendment 1 to ISO 9594-8:1995(E) includes the following text under
12.2.2.3 Key Usage field:

 "Bits in the KeyUsage type are as follows:

   a) digitalSignature: for verifying digital signatures that have purposes
      other than those identified in b), f), or g) below;

   b) nonRepudiation: for verifying digital signatures used in providing
      a nonrepudiation service which protects against the signing entity
      falsely denying some action (excluding certificate or CRL signing,
      as in f) or g) below);

    ...

   f) keyCertSign: ...
   g) cRLSign: ..."


My interpretation of this text is that a key which may be used only for
authentication would have 'digitalSignature' set and 'nonRepudiation'
not set (as everyone agrees, above).  But a key which is to be used
only for signing contracts (and not for authentication) would have
'nonRepudiation' set and 'digitalSignature' *not* set.

A single key which may be used for both purposes would, of course,
have both bits set.  Lars' definition would disallow the issuance of
a single key that could be used for both purposes, so I prefer the
current DAM definition as it stands.

      dpk
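
Added example, not part of the original message: a small Python decoder for the DER-encoded KeyUsage BIT STRING that evaluates the same bits under the two readings discussed above (the quoted two-case definition and the reply's reading of the amendment text). The purpose labels "authentication" and "contract-signing", the function names and the sample encodings are assumptions made for illustration.

```python
# Added example; not code from the thread. Labels and sample bytes are constructed.
# Bit numbers follow the KeyUsage BIT STRING: bit 0 is the most significant bit.
KEY_USAGE_BITS = ["digitalSignature", "nonRepudiation", "keyEncipherment",
                  "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign"]

def parse_key_usage(der: bytes) -> set:
    """Decode a DER BIT STRING (tag 0x03, short-form length) into named bits."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("bad length")
    unused, content = der[2], der[3:]
    if unused > 7 or (not content and unused):
        raise ValueError("bad unused-bit count")
    if content and content[-1] & ((1 << unused) - 1):
        raise ValueError("unused bits must be zero in DER")
    return {name for i, name in enumerate(KEY_USAGE_BITS)
            if i // 8 < len(content) and content[i // 8] & (0x80 >> (i % 8))}

def allowed_lars(bits: set) -> set:
    """Quoted definition: a key serves one purpose or the other, never both."""
    ds, nr = "digitalSignature" in bits, "nonRepudiation" in bits
    if ds and not nr:
        return {"authentication"}
    if ds and nr:
        return {"contract-signing"}
    return set()  # nonRepudiation alone is not covered by that definition

def allowed_amendment(bits: set) -> set:
    """Reply's reading of the amendment text: each bit grants its own purpose."""
    out = set()
    if "digitalSignature" in bits:
        out.add("authentication")
    if "nonRepudiation" in bits:
        out.add("contract-signing")
    return out

# Constructed sample encodings of the KeyUsage value.
SAMPLES = {"ds only": bytes.fromhex("03020780"),
           "nr only": bytes.fromhex("03020640"),
           "ds + nr": bytes.fromhex("030206c0")}

if __name__ == "__main__":
    for label, der in SAMPLES.items():
        bits = parse_key_usage(der)
        print(label, sorted(allowed_lars(bits)), sorted(allowed_amendment(bits)))
```

The two readings agree on a key with only digitalSignature set and diverge on the other two samples, which is the disagreement in the thread.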