[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: when can an entry not appear on a CRL?

To: Juergen.Walter@xxxxxx
Subject: Re: when can an entry not appear on a CRL?
From: Denis Pinkas <Denis.Pinkas@xxxxxxxx>
Date: Thu, 17 Dec 1998 16:09:11 -0800
Cc: ietf-pkix <ietf-pkix@xxxxxxx>
Organization: Bull
References: <> <> <> <> <> <>
Sender: owner-ietf-pkix@xxxxxxx

Juergen,

I agree in principle with your comments and with the amended way to verify
digital signatures in any case (i.e. taking the time of GENERATION of the
signature and NOT the time of verification of the signature). However see a
clarification question below.

> Paul Koning wrote:
> >
> > >>>>> "Juergen" == Juergen Walter <walter@deh.de> writes:
> >
> >  Juergen> Paul Koning wrote:
> >  >> On a related issue, if you use "time of signature generation" how
> >  >> do you know what that is?  It can't just be the timestamp in the
> >  >> signature, since that would allow the thief of a key which was
> >  >> revoked at time T to generate a "valid" signature by constructing
> >  >> one with signing time T-epsilon.
> >
> >  Juergen> This is right under the assumption that the thief can sign
> >  Juergen> with signing time T-epsilon. If the signer has included an
> >  Juergen> appropriate non-repudiation token (e. g. a token generated
> >  Juergen> by a trusted time stamp server), then this attack fails.
> >
> > Not quite.  It fails if the verifier insists that all signatures it
> > verifies must be accompanied by a trusted time stamp token if they are
> > to be verified to a time older than the time of verification.
> >
> > The fact that the legitimate signer includes tokens doesn't prevent
> > the intruder from generating signatures without tokens unless the
> > verifier insists on them.
> >
> This is right. A non-repudiation token has no worth unless the relying
> party insists on it. I think that a pure digital signature is not
> appropriate to non-repudiation.

Correct.

> There are many scenarios.

Many scenarios for proving this  ? or ... many scenarios for having
appropriate non-repudiation tokens ?At the time being, I am aware of very few
(secure) non-repudiation tokens definitions. I also know some which are
insecure . :-(

> I believe that
> trusted time stamp servers or notary services are necessary, whenever
> non-repudiation is required.

Correct.

Denis

> Hence, it is required that either the
> relying party insists on them or the relying party initiate them.
>
>
> --
>
> Juergen

References:
- when can an entry not appear on a CRL?
  - From: Mary_Ellen_Zurko
- Re: when can an entry not appear on a CRL?
  - From: Juergen Walter
- Re: when can an entry not appear on a CRL?
  - From: Paul Koning
- Re: when can an entry not appear on a CRL?
  - From: Juergen Walter
- Re: when can an entry not appear on a CRL?
  - From: Paul Koning
- Re: when can an entry not appear on a CRL?
  - From: Juergen Walter

Prev by Date: RE: x.509v3
Next by Date: Re: Invalidity Dates
Previous by thread: Re: when can an entry not appear on a CRL?
Next by thread: Re: when can an entry not appear on a CRL?
Index(es):
- Date
- Thread