Re: [IETF-PKIX] Multiple certificates for same key?
Are you trying to solve too large a problem here? It seems as though you
are trying to have a fully automated equivalent of the entire legal system,
by trying to tightly link roles and responsibilities to the certificates.
It almost sounds like SPKI....

Surely the purpose of the certificate is to bind the public key with an
identity (or set of attributes) of a physical person. The fact that I have
multiple names (or roles or other attributes) doesn't mean I'm actually
multiple people, or that I change my (handwritten) signature.

It is the application space which will be concerned about my various
attributes (including my name). The fact that I have other attributes
(including my name) in one application space should not impact my attributes
in a second. If the attributes have meaning in multiple application spaces
then they should not conflict. If they do, it means they have been
incorrectly defined, assigned or interpreted.

If a signed message in one application space is so ambiguous in nature as to
have meaning in a different application space there would seem to be a
problem with the definition of the message structures of the applications -
not the certificates.

Cheers,
Michael
-----Original Message-----
From: Bob Jueneman <BJUENEMAN@novell.com>
>The issue, of course, is that if there are two certificates which both
>contain the same public key, then the binding from the private key (which
>signed the document) to the public key to the identity and other attributes
>which are associated with the public/private key becomes indeterminate.
>
>It might be argued that if it is indeed the same entity, the no harm no
>foul rule should apply. But I would argue that unless the ENTIRE contents of
>the two certificates are precisely identical (in which case why bother),
>then different is not the same.
>
>To go further would require an extensive analysis of exactly what the
>differences were, and whether they might matter, even in some obscure
>context that would be difficult to envision. For example, a difference in
>validity period might have some difference down the line in terms of
>nonrepudiation, especially if one certificate was revoked because of a
>compromise and the other was not.
>
>In the case of differences in the common name, address, etc., even though
>it is the same person using either her married or personal name (Mrs. John
>Smith vs. Lucy Smith), there might be some obscure legal difference due to
>community property laws or whatnot -- who knows.
>
>Likewise, two different certificates -- one listing my primary residence
>and the other my summer cabin -- might have slightly different connotations
>in a legal context, since there might be differences in the laws of the two
>different jurisdictions, and in the absence of any other indication of the
>locus of the transaction, the locality of the user as expressed in the
>certificate might govern.
>
>At one time I took the hard and fast position that said that the same
>public key should NEVER be used in two different certificates, but someone
>convinced me that sometimes corporations change their name (Esso to Exxon,
>United States Steel to USX, etc.), other times they are acquired by another
>company. Forcing a drastic change of all of the subordinate names might
>screw up name subordination and other mechanisms, and shouldn't be done
>hastily, even if the organization whose name is changing is a CA. So I
>guess I can't say that public keys should _never_ be reused.
>
>How about HARDLY EVER, ALMOST NEVER, ONLY IF THE SUN DOESN'T RISE, AND THEN
>ONLY IF YOU STOP AND THINK REAL HARD?
>
>On the other hand, having multiple certificates, all with the same entity
>information but with different keys, whether because of different key
>usages, algorithms, or just your whim, is perfectly acceptable. Maybe you
>can get the CA to give you a volume discount. (Seriously, why not, since
>most of what they are doing is the due diligence of confirming who you are?)
>
>Bob
>
>
>Robert R. Jueneman
>Security Architect
>Novell, Inc.
>Network Products Group
>122 East 1700 South
>Provo, UT 84604
>801/861-7387
>bjueneman@novell.com
>
>"If you are trying to get to the moon, climbing a tree,
>although a step in the right direction, will not prove
>to be very helpful."
>
>"The most dangerous strategy is to cross a chasm in two jumps."
>
>
>>>> Tony Bartoletti <azb@llnl.gov> 03/02 3:35 PM >>>
>Stefan,
>
>At 06:34 PM 3/2/98 +0100, you wrote:
>>Folks,
>>
>>I haven't had the time to browse through all the different latest drafts, I'm
>>afraid. Having had some discussions concerning the German digital signature
>>law, however, a question occurred to me: Is a CA allowed to issue two (or
>>more) certificates for a single end-entity's public key? If yes, this could
>>lead to big problems, especially in terms of liability of the CA. If
>>not, shouldn't this be specified somewhere?
>
>Could you expand on the liability issues you mention regarding the issuance of
>differing certificates for the same public key? From a layman's point of view,
>of course a CA could get into trouble issuing arbitrary certificates on a given
>end-user's public key. But, for the sake of argument, if I want the same key
>to be certified by a CA in two distinct certificates, both of which contain
>data that identifies me (in different ways, for different reasons,) then it
>seems to be up to the relying party to check if there is a valid certificate
>for that key, suitable for their purposes of identification. (Apologies for
>naive view and tortured sentence structure.)
>
>Here is a related question (and perhaps more likely desired): Can I ask a CA
>to certify 10 keys, in 10 certificates, all of which attest to identical info?
>(modulo certificate id, of course.) My thought is, I want to use my keys very
>sparingly, cycling through them so to thwart marketeers attempting to trace my
>habits. This presupposes that I, the cert-owner, control the cert that I point
>the relying party to use.
>
>Thoughts?
>
>
>Tony Bartoletti
>SPI-NET GURU
>Computer Security Technology Center
>Lawrence Livermore National Lab
>PO Box 808, L - 303
>Livermore, CA 94551-9900
>email: azb@llnl.gov phone: 510-422-3881
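The relying-party check Tony describes (is there a valid certificate for this key, suitable for my purpose?) and Bob's two points (that several certificates sharing one public key make the key-to-identity binding indeterminate, and that a compromise revocation on one of them matters for the rest because the private key is the same) can be written down as a decision procedure. The following is an added example for this archive page, not code from any of the posters or from the PKIX working group; it models certificates as plain records rather than real X.509, the key bytes, subjects, serials and dates are constructed, and the function names `key_id`, `group_by_key` and `resolve_binding` are this example's own.

```python
"""Relying-party check for a public key that appears in more than one certificate.

Toy model (added example, not from the thread): certificates are plain records
instead of real X.509, and the public key is an opaque byte string identified
by a SHA-256 "key identifier", much as a SubjectKeyIdentifier is derived from
the SubjectPublicKeyInfo.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from hashlib import sha256


@dataclass(frozen=True)
class Cert:
    serial: int
    subject: str
    spki: bytes                      # SubjectPublicKeyInfo bytes (constructed here)
    not_before: datetime
    not_after: datetime
    key_usage: frozenset = field(default_factory=frozenset)


def key_id(spki: bytes) -> str:
    """Stable identifier for a public key: truncated SHA-256 of the SPKI bytes."""
    return sha256(spki).hexdigest()[:16]


def group_by_key(certs):
    """Index certificates by public key so that shared keys become visible."""
    groups = {}
    for c in certs:
        groups.setdefault(key_id(c.spki), []).append(c)
    return groups


def resolve_binding(spki, certs, purpose, now, revoked):
    """Decide what a relying party may conclude about the key that made a signature.

    revoked maps serial -> CRL reason string (e.g. "keyCompromise", "superseded").
    Returns (status, candidates):
      key_compromised - a cert for this key was revoked for compromise; the private
                        key is shared, so every binding of the key is tainted
      none            - no certificate is valid now and suitable for the purpose
      unique          - all valid certs name the same subject; identity is determinate
      ambiguous       - valid certs bind the key to different subjects
    """
    same_key = group_by_key(certs).get(key_id(spki), [])
    if any(revoked.get(c.serial) == "keyCompromise" for c in same_key):
        return "key_compromised", []
    candidates = [
        c for c in same_key
        if c.serial not in revoked
        and c.not_before <= now <= c.not_after
        and purpose in c.key_usage
    ]
    if not candidates:
        return "none", []
    if len({c.subject for c in candidates}) == 1:
        return "unique", candidates
    return "ambiguous", candidates


# --- constructed sample data, following the thread's own scenarios ---------
UTC = timezone.utc
KEY_A = b"constructed-spki-bytes-for-lucy"   # one key, two names (Bob's example)
KEY_B = b"constructed-spki-bytes-for-tony"   # one key, two identical certs (Tony's)
START, END = datetime(1998, 1, 1, tzinfo=UTC), datetime(1999, 1, 1, tzinfo=UTC)
SIG = frozenset({"digitalSignature"})
CERTS = [
    Cert(1, "CN=Lucy Smith", KEY_A, START, END, SIG),
    Cert(2, "CN=Mrs. John Smith", KEY_A, START, END, SIG),
    Cert(3, "CN=Tony Bartoletti", KEY_B, START, END, SIG),
    Cert(4, "CN=Tony Bartoletti", KEY_B, START, END, SIG),
]
NOW = datetime(1998, 3, 2, tzinfo=UTC)
LATER = datetime(2000, 1, 1, tzinfo=UTC)     # after both validity periods


if __name__ == "__main__":
    for label, key, crl in [("Lucy, no revocations", KEY_A, {}),
                            ("Lucy, cert 1 compromised", KEY_A, {1: "keyCompromise"}),
                            ("Lucy, cert 1 superseded", KEY_A, {1: "superseded"}),
                            ("Tony, no revocations", KEY_B, {})]:
        status, cands = resolve_binding(key, CERTS, "digitalSignature", NOW, crl)
        print(f"{label}: {status} {[c.serial for c in cands]}")
```

The ordering of the checks is the point: a keyCompromise revocation is tested against every certificate sharing the key before any of them is considered, whereas a "superseded" revocation only removes that one certificate, leaving the other binding usable. Two certificates with identical subject information (Tony's ten-key case) are reported as a unique binding, while the two different names for one key (Bob's Lucy Smith case) come back as ambiguous and are left for the application to resolve.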