[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] Cryptographic binding of certificates to signatures

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] Cryptographic binding of certificates to signatures
From: "Brian M. Thomas" <bt0008@xxxxxxxxxxxxxxx>
Date: Tue, 10 Mar 1998 14:10:02 -0600
Approved-by: "Brian M. Thomas" <bt0008@ENTROPY.SBC.COM>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

David Kemp wrote:
> I look at it somewhat differently.  Issuing a single certificate
> per key provides the cryptographic binding between the signature
> and the certificate; proposals to share keys between certificates
> reduce that to a binding between the signature and the union of
> all certificates which share the key.
>

Unless I really misunderstand you here, I must say that this is simply
false.  *Proof* of the issuance of a single certificate per key could
provide the cryptographic binding of signature to certificate; I invite
the cryptographers to show me how this could be accomplished.

What am I missing?

brian

Prev by Date: Re: [IETF-PKIX] New Notary Protocol Draft
Next by Date: Re: [IETF-PKIX] Multiple certificates for same key?
Previous by thread: Re: [IETF-PKIX] Cryptographic binding of certificates to signatures
Next by thread: Re: [IETF-PKIX] Cryptographic binding of certificates to signatures
Index(es):
- Date
- Thread