RE: Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
from another standpoint (in part because of not having to worry about all the
extraneous issues raised with certificates) ... some of the certificate-less PKI
work is looking at the risk issues ... especially within the context of the
financial industry (financial operations are hot on calculating risk ... so they
can correctly price/predict business ... in large part finance is a risk
management business).
In the finance arena ... significant business processes exist that deal with
establishing the initial business (i.e. certification by any other name) as well
as validating transactions. On a transaction by transaction basis ... technology
is needed that improves the integrity of the transaction ... i.e. digital
signature in lieu of passwords/pins/names.
Assuming a digital signature authentication process ... it then is beneficial to
accurately calculate the risk & assurance level associated with that digital
signature .... i.e. is there an evidentiary, audit trail showing a hardware
token, the assurance level of the hardware token, whether the hardware token has
an activation process, whether any such activation process is PIN or biometric.
One of the interesting issues ... somewhat in line with the problems associated
with using identity certificates flowing over open networks on every transaction
... is flowing biometric information over open networks. Having a biometric
activated hardware token that the person "owns" ... means that the biometric
exchange is only between the person and their token (side-stepping the privacy
invasion and privacy mandates).
One could make the case, that in account-based business processes ... the
inhibitor to certificate-based PKIs is that they create redundant and
superfluous business processes and don't eliminate any processes (i.e.
increasing cost while not showing any corresponding benefit). Certificate-less
PKIs tend to leverage existing account-based business processes ... i.e. optimal
improvement of integrity at optimal increase in cost.
In the financial industry ... an area of opportunity for PKI registration and
audit trail (i.e. not duplicating existing business processes) is providing an
evidentiary trail regarding the assurance level of the components used in a
transaction.
An example is providing at sign-up time additional information about the
integrity and characteristic of the hardware token (password/public-key and
person sign-up is already existing business process) with respect to integrity
of the crypto, integrity of the chip involved, what kind of token activation is
employed, etc. This is a new process, that doesn't duplicate existing processes
and is useful information for risk managers .... and provides the basis for
creating parameterized risk management. The usefulness of this can then be
shown to have three benefits:
1) allows the risk manager to calculate the risk associated with specific
transaction
2) allows institutions to support a variety of price/performance authentication
methodologies appropriate to the risk involved in a wide range of different
valued transactions ... all with a single infrastructure
3) allows institutions to dynamically modify over time the types of
authentication methodologies in use without having to obsolete the
infrastructure
parameterized risk management of components involved in authentication
technology can be a demonstrated business case for new business processes that
aren't covered/duplicated today.
As a working hypothesis ... business cases for new duplicate, superfluous
sign-up procedures are hard to make ... especially in account-based environments
... when they don't show a corresponding elimination/reduction in other sign-up
processes.
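The sign-up-time token attributes and the parameterized risk policy described in this message, worked through as an added Python example; it is not code from this message or from the PKIX thread. The attribute scale (0..3), the score weights, the policy thresholds and the two sample tokens are all constructed assumptions, and the `TokenProfile`, `assurance_score`, `required_score` and `authorize` names are my own.

```python
"""Parameterized risk management for authentication components.

Added illustration, not code from the thread. The attribute scale, the
score weights and the policy thresholds are constructed assumptions; an
institution would calibrate them from its own loss data.
"""
from dataclasses import dataclass, asdict
from enum import Enum


class Activation(Enum):
    NONE = "none"            # private key usable without any activation step
    PIN = "pin"
    BIOMETRIC = "biometric"  # match happens only between the person and the token


@dataclass(frozen=True)
class TokenProfile:
    """Facts recorded at sign-up alongside the public key (constructed fields)."""
    hardware: bool           # key generated and held in a hardware token?
    chip_assurance: int      # 0..3, assumed evaluation level of the chip
    crypto_assurance: int    # 0..3, assumed evaluation level of the crypto
    activation: Activation


# Assumed weights: how much each recorded attribute contributes to assurance.
_ACTIVATION_WEIGHT = {Activation.NONE: 0, Activation.PIN: 2, Activation.BIOMETRIC: 3}


def assurance_score(token: TokenProfile) -> int:
    """Collapse the recorded attributes into one assurance level (benefit 1)."""
    if not (0 <= token.chip_assurance <= 3 and 0 <= token.crypto_assurance <= 3):
        raise ValueError("assurance levels are on a 0..3 scale")
    score = 3 if token.hardware else 0
    score += token.chip_assurance + token.crypto_assurance
    score += _ACTIVATION_WEIGHT[token.activation]
    return score


# Policy is data, not code: (transaction value ceiling, minimum assurance score).
# Constructed thresholds; the risk manager edits this table, not the tokens,
# so methods can be added or retired without touching the infrastructure
# (benefits 2 and 3).
DEFAULT_POLICY = [
    (100.0, 0),
    (1_000.0, 4),
    (10_000.0, 8),
    (float("inf"), 11),
]


def required_score(amount: float, policy=DEFAULT_POLICY) -> int:
    """Minimum assurance the policy demands for a transaction of this value."""
    for ceiling, minimum in policy:
        if amount <= ceiling:
            return minimum
    raise ValueError("policy must end with an open-ended band")


def authorize(amount: float, token: TokenProfile, policy=DEFAULT_POLICY) -> dict:
    """Decide whether this token may sign a transaction of this value.

    Returns an audit record carrying the evidence the decision rested on, not
    just the yes/no, so a risk manager can later reconstruct why it was allowed.
    """
    have = assurance_score(token)
    need = required_score(amount, policy)
    return {
        "amount": amount,
        "token": {**asdict(token), "activation": token.activation.value},
        "assurance_score": have,
        "required_score": need,
        "authorized": have >= need,
    }


# Constructed sample tokens: a software key with a PIN, and a hardware token
# with biometric activation.
SOFTWARE_PIN = TokenProfile(hardware=False, chip_assurance=0,
                            crypto_assurance=1, activation=Activation.PIN)
HARDWARE_BIOMETRIC = TokenProfile(hardware=True, chip_assurance=2,
                                  crypto_assurance=3, activation=Activation.BIOMETRIC)

# Tightening the policy later is a table change: same tokens, no re-enrolment.
STRICTER_POLICY = [(100.0, 4), (1_000.0, 6), (float("inf"), 11)]

if __name__ == "__main__":
    for tok in (SOFTWARE_PIN, HARDWARE_BIOMETRIC):
        for amount in (50.0, 5_000.0, 50_000.0):
            rec = authorize(amount, tok)
            print(f"{amount:>9.2f} score {rec['assurance_score']:>2}"
                  f"/{rec['required_score']:<2} "
                  f"{'ok' if rec['authorized'] else 'deny'}")
    print("low-value, stricter policy, software key:",
          authorize(50.0, SOFTWARE_PIN, STRICTER_POLICY)["authorized"])
```

The design point is the separation: what was attested about the token at sign-up is stored once, the value-to-assurance table is the risk manager's knob, and the returned record is the evidentiary trail. Retiring a weak method is a threshold change; adding a stronger one is a new profile, with the same decision code throughout.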
Anders Rundgren <anders.rundgren@jaybis.com> on 07/16/99 04:36:31 AM
To: Stephen Kent <kent@po1.bbn.com>, "'Ed Gerck'" <egerck@nma.com>,
"'ietf-pkix@imc.org'" <ietf-pkix@imc.org>
cc: "Eric_Guerrino@lnotes5.bankofny.com" <Eric_Guerrino@lnotes5.bankofny.com>
Subject: RE: Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs
XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
Ed,
<big snip>
>> I disagree with your statement that a certificate in software binds a
>> system, vs. a user.
>I fail to see how you can possibly disagree with Eric's statement. Trust is not
>distributive in the social sense (ie, not associative in the mathematical sense),
>which alone opens the problem that (here, * is the trust operator):
>(A*B)*K <> A*(B*K)
>and thus, for example, Alice may trust that Bob's certificate binds to Bob (ie, A*B)
>before Alice knows that Bob trusts Khadaffi (ie, B*K), but not afterwards (ie, A*(B*K)).
>Or, as another example, I may trust my lawyer before I know that he trusts my competitor
>but not afterwards. Or, Bill may trust Monica before Bill knows that Monica trusts
>Linda, but not afterwards. In summary, this is the "unfaithful proxy" problem as I call it
>-- you can never tell if there is an unfaithful proxy. However, to think otherwise and to
>believe that (A*B)*K = A*(B*K) is a common misconception that leads one to believe
>that Bob's certificate binds to Bob irrespective of Bob's trust on Khadaffi -- in fact, Bob
>may not even exist.
Strange misconception between trust in certificates and bindings versus trust between people.
The latter is not suitable for IETF to handle! It is basically a manual, indescribable, out-of-band process :-)
That is why you in a large PKI-scenario (inside an organization legal issues and non-repudiation is not that terribly interesting really), DESPERATELY NEED TTPs for issuing identity-certificates. Even crooks (Khadaffi?) can get one! It is not particularly hard for a CA to verify that a person exists (just by watching him/her) although an individual's "absolute identity" (whatever that means) may not always be correct. The latter is IMO not a stumbling factor for PKI (particularly if biometrics can be recorded and later verified) as you are unlikely to enter any serious relationship (Employment, Bank-account owner) without showing-up physically at least once.
The important thing that a TTP/CA must guarantee is that you must not be able to "borrow" another individual's identity. A set of credentials and biometrics does the trick. To certificate-wise get a NEW identity is another thing which does not eliminate the value of PKI/TTPs/CAs as the subject is back to square one for all his/her certificate-based relationships. I.e. they are all gone.
No signs of rocket-science IMHO. KISS? Naah, maybe not.
Note: I deliberately excluded national ID-CAs who HAVE to verify absolute identity (which is harder and harder to do with all paper-less refugees in Europe).
Anders