Re: proof-of-possession for DH keys
Adam,
Unfortunately, the possible consequences are worse than the self-inflicted
DoS attack you described. Specifically, by having a credible CA issue a
cert binding someone else's public key to the imposter's name, the imposter
can claim to be the signer of traffic associated with someone else (in the
case of a signature key bound into the certificate). This is a violation of
the nominal semantics of PKI use, and this should be avoided. We've had
this discussion before, several times, and there was consensus that POP is
important; the latitude that has been introduced into the specs is to allow
the CA to determine the means by which POP is achieved. That's why the
cert management protocols do not mandate POP via a protocol exchange, even
though they do support this form of POP.
Steve