[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: German Key Usage

To: Aram Perez <aram@xxxxxxxxx>
Subject: Re: German Key Usage
From: "Simonetti David" <simonetti_david@xxxxxxx>
Date: Fri, 14 Aug 1998 14:21:47 -0400
Cc: "Friedrichs, Paul" <friedrip@xxxxxxxxxxxx>, "hans.nilsson@xxxxxxxx" <hans.nilsson@xxxxxxxx>, "stefan@xxxxxxxxxxx" <stefan@xxxxxxxxxxx>, "lars.gu.johansson@xxxxxxxxx" <lars.gu.johansson@xxxxxxxxx>, "ietf-pkix@xxxxxxx" <ietf-pkix@xxxxxxx>, "cert-talk@xxxxxxxxxxxxxxxxxx" <cert-talk@xxxxxxxxxxxxxxxxxx>, "blake.greenlee@xxxxxxxxxxxx" <blake.greenlee@xxxxxxxxxxxx>
Organization: BAH
References: <>
Sender: owner-ietf-pkix@xxxxxxx

Well said!

Aram Perez wrote:
> 
> Paul Friedrichs wrote:
> >
> >     Aram Perez:
> >
> >     Security 101: Any key (whether symmetric or asymmetric) should
> >     have one and only one use/purpose. Typically the uses are: 1) Key
> >     Exchange (or key encrypting), 2) Data encryption, and 3) Signature
> >     (or binding).
> >
> >This is dogma.
> 
> One's man's dogma is another man's good security practice ;-)
> 
> >
> >     Just because you can do something technically does not mean that
> >     you should do it. There are plenty of security reasons why you
> >     should not use one key for more than one purpose.
> >
> >Reason(s) must be the basis of keyUsage, not dogma. What's the
> >difference between 1) and 2), above? Why should they be distinguished?
> 
> What's the difference between 1), 2) and 3) for asymmetric algorithms? In all
> three cases you are encrypting something: 1) a key, 2) a data stream, and 3) a
> digest.
> 
> >
> >     Non-repudiation is more of a "business/legal" concept than a
> >     technical one. Asymmetric signatures can provide the property of
> >     non-repudiation only if you are 100% assured that the signer is
> >     the only entity that has access to the private key. I'm anxiously
> >     waiting for the first lawsuit related to the "non-repudiation" of
> >     a business transaction (performed with a private key stored on a
> >     file).
> >
> >I agree. That's why *nonRepudiation* keys must remain separate form
> >anything that might be escrowed. This is not violated if
> >digitalSignature keys which are not asserted to support nonRepudiation
> >are escrowed, for example.
> 
> Why would you ever escrow any signature key? I personally have never heard of
> any proposal/plan/law/etc to escrow signature keys. My understanding of why the
> US Government and law enforcement want key escrow is to decrypt information, not
> to be able to regenerate a signature.
> 
> I will re-state: "There are plenty of security reasons why you should not use
> one key for more than one purpose." (and not just dogma).
> 
> Regards,
> Aram Perez
> Apple Computer, Inc.

-- 
David Simonetti, Booz·Allen & Hamilton Inc.

References:
- Re: German Key Usage
  - From: Aram Perez

Prev by Date: Re: German Key Usage
Next by Date: Re: German Key Usage
Previous by thread: Re: German Key Usage
Next by thread: RE: German Key Usage
Index(es):
- Date
- Thread