[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] Multiple certificates for same key?

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] Multiple certificates for same key?
From: Tony Bartoletti <azb@xxxxxxxx>
Date: Wed, 4 Mar 1998 12:18:27 -0800
Approved-by: Tony Bartoletti <azb@LLNL.GOV>
In-reply-to: <2F2DC5CE035DD1118C8E00805FFE354C256336@red-msg-56.dns.micr osoft.com>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

Pardon, please, my pedantic revisitation of this topic, but some of the
comments that have been made imply (to me) a peculiar stance on the
relationship between keys, certificates, end-entities (EE) and relying
parties (RP).

More than once, I have seen expressed "which certificate was used to sign"
a document or transaction.  I thought that a "private key" was used, and is
not a component of any certificate directly.  I think of a private key as
having (potentially) a life of its own, possibly independent of any
certificate (albeit not of great use where not certified in some capacity.)

Where does the following example "fall down"? :

In my hypothetical role as Purchase Officer for BigCorp, I obtain a classy,
expensive certificate for a key, attesting to my identity and role, and
obligating me to protect such key to the level of assurance indicated by
the certificate.  I also have this key certified by Certs-R-Us as belonging
to me in the capacity "member of chess club in good standing" (with a very
low degree of assurance provided, and so a low cost.)

I sign a purchase order on behalf of BigCorp.  The relying party must verify
this signature, and so must obtain a some certificate by some means.  Simply
verifying that some arbitrary public key verifies the signature is not
enough.  It must be a *suitably certified* key.  If I point the RP to my
"chess club" cert, the signature may verify, but the transaction should not
proceed.  How could it?

Also, how could my act of obtaining a "cheap cert" on the same key weaken
in any way the relationship this key has to me in my BigCorp role, or my
obligations to protect said key in accord with the provisions indicated in
the classy, expensive certificate?

Finally, I say all of this, not to advocate multiple certification of a key,
(keys will NOT be a scarce commodity) but to understand the "liability issues"
alluded to by some in this discussion.  I even wonder if there is a fear that
"cheap CAs" might leverage the strong (pre-existing) certification on a key
to issue additional certifications, attesting to whatever the owner-in-common
would like, in essense conditioning the validity of their new binding on the
continued validity of the "classy certificate."

___TONY___

Tony Bartoletti                                             LL
SPI-NET GURU                                             LL LL
Computer Security Technology Center                   LL LL LL
Lawrence Livermore National Lab                       LL LL LL
PO Box 808, L - 303                                   LL LL LLLLLLLL
Livermore, CA 94551-9900                              LL LLLLLLLL
email: azb@llnl.gov   phone: 510-422-3881             LLLLLLLL

Follow-Ups:
- Re: [IETF-PKIX] Multiple certificates for same key?
  - From: Charles W. Gardiner

Prev by Date: Re: [IETF-PKIX] Multiple certificates for same key?
Next by Date: Re: [IETF-PKIX] Multiple certificates for same key?
Previous by thread: Re: [IETF-PKIX] Multiple certificates for same key?
Next by thread: Re: [IETF-PKIX] Multiple certificates for same key?
Index(es):
- Date
- Thread