Re: Private key possession
> From: Denis Pinkas <D.Pinkas@frcl.bull.fr>
>
> Topic: Private key possession.
>
><snip>
>
> Let us take the following example:
>
> Alice wishes to apply for a patent today and for doing so signs the
> text of the patent using her private key, attaches her certificate to
> it and sends the two pieces to a patent office. When receiving the two
> pieces, the patent office would place a counter-signature from a
> Trusted Time Stamping Authority on the whole package so that one can
> make sure that the registration date is correct.
>
> Since Bob intercepted the message from Alice, the patent office did not
> receive Alice's message at this time. Bob promptly asks a CA
> located in Barracuda (in the Republic of Banana) to issue a certificate
> containing the same public key as Alice but with his name in it. For a
> reasonable fee the CA omits to verify the possession of the private key
> by the user before issuing the certificate. Thereafter Bob sends the
> intercepted signed text of the patent and replaces Alice's certificate
> with his own new certificate. When receiving the two pieces, the patent
> office places a counter-signature from a Trusted Time Stamping
> Authority on the whole package so that one can make sure that the
> registration date is correct.
>
> In such a scenario Bob would now be the patent holder. If for some reason
> Alice re-sends her message it will be time-stamped after the message
> from Bob and she will not be recognized as the patent holder.
>
As you later hint, the problem here lies not with the CA not checking
the possession of the private key, but rather with the patent lodging
protocol. Such a protocol must obviously explicitly associate the
identity of the person lodging the patent with the text of the patent.
I don't think extra effort should be tolerated in the certification
stage in an attempt to protect from poor protocol design in applications!

Cheers,
Michael Warner
Telstra Research Labs
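
The two lodging protocols discussed in this thread, side by side, as an added example that is not part of the original messages. It assumes a toy textbook-RSA key and hypothetical helper names (`lodge_naive`, `lodge_bound`, `bound`); the certificates are plain dictionaries holding a subject and a public key.

```python
import hashlib

# Constructed toy RSA key for Alice: textbook RSA over two Mersenne primes,
# no padding. It only illustrates the protocol logic and is not secure.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # Alice's private exponent

def _digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes) -> int:
    """Alice signs with her private key."""
    return pow(_digest(data), D, N)

def verify(cert: dict, data: bytes, sig: int) -> bool:
    """Check sig against the public key carried in cert."""
    return pow(sig, cert["e"], cert["n"]) == _digest(data)

def bound(subject: str, text: bytes) -> bytes:
    """Signed content for the bound protocol: length-prefixed subject + text."""
    name = subject.encode()
    return len(name).to_bytes(2, "big") + name + text

def lodge_naive(text, sig, cert):
    """Signature covers the text only; applicant is read from the certificate."""
    return cert["subject"] if verify(cert, text, sig) else None

def lodge_bound(text, sig, cert):
    """Signature must cover the certificate subject together with the text."""
    data = bound(cert["subject"], text)
    return cert["subject"] if verify(cert, data, sig) else None

ALICE_CERT = {"subject": "Alice", "n": N, "e": E}
# Certificate issued without a proof-of-possession check: same key, other name.
BOB_CERT = {"subject": "Bob", "n": N, "e": E}
TEXT = b"Claim 1: a method for ..."  # constructed sample patent text

def demo():
    naive_sig = sign(TEXT)                  # signature over the text alone
    bound_sig = sign(bound("Alice", TEXT))  # signature over identity + text
    return {
        "naive_alice": lodge_naive(TEXT, naive_sig, ALICE_CERT),
        "naive_swapped": lodge_naive(TEXT, naive_sig, BOB_CERT),
        "bound_alice": lodge_bound(TEXT, bound_sig, ALICE_CERT),
        "bound_swapped": lodge_bound(TEXT, bound_sig, BOB_CERT),
    }

if __name__ == "__main__":
    print(demo())
```

With the identity inside the signed content, the office rejects the package carrying the substituted certificate regardless of how that certificate was issued.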