[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Last Call (CMP proof-of-possession)
- To: Russ Housley <housley@xxxxxxxxxx>, ietf-pkix@xxxxxxxxxx
- Subject: Re: Last Call (CMP proof-of-possession)
- From: John Lowry <jlowry@xxxxxxx>
- Date: Tue, 07 Oct 1997 11:32:07 -0400
- In-reply-to: <>
- References: <"13239*/I=TA/S=Parker/OU=win0199/O=icl/PRMD=icl/ADMD=gold 400/C=GB/"@MHS><>
At 10:30 AM 10/7/97 -0400, Russ Housley wrote:
>I stongly believe that Proof-of-Possession should be REQUIRED!
>>>Now that we are in last call, I'd like a straw poll to measure the
>>>degree of consensus for REQUIRING Proof-of-Possession for PKIX-compliant
>>>CAs. If there is general agreement, PoP can be returned to its
>>>original REQUIRED status without delaying the RFC.
>>I'd like to support him in his proposal to make POP mandatory. As I've
>>already emailed, I believe that the CA should be considered to be
>>actually making a binding between the owner and the private key. The
>>certificate should be saying: "this name owns the private key corresponding
>>to the public key in this certificate". Without POP, all the certificate
>>says is: "This name wishes to be associated with the public key in the
>>certificate; the corresponding private key may however belong to someone
>>else" - very useful :-(.
>>I'm also concerned that individuals might be spoofed into
>>presenting the wrong public key value to the CA when requesting a
>>certificate, or the request may be tampered with en route, so that the
>>malicious private key owner who substituted his/her own public key can
>>then masquerade as the individual.
>>If you (a CA) are making a guaranteed binding between two values, both
>>need to be authenticated for the guarantee to be worth anything.