Re: Options, was Re: To Be, or NR To Be ...
> From: Ed Gerck <egerck@nma.com>
>
> Ron Ramsay wrote:
>
> > But the bit doesn't say anything EXCEPT vanilla, it says STRAWBERRY!
> >
> > I'm going mad!! Stop! Stop! Stop!
>
> ;-) the slightly maddening point here is not what the NR bit says when it is
> "on" (there are at least 4 different flavors already named -- not just
> strawberry) nor what it says when it is "off" (there are at least 3 more
> flavors named) but what other bits can co-exist with the NR bit if one takes
> the spec to task, by what it says (but, what else would one do -- interpret
> the spec at will?).
Ed,
I disagree with Al's tone, and believe that we should always strive
for a civil discussion of ideas. But it is a bit maddening that you
conjure up perverse definitions and interpretations, and then use them
to argue that the world can be nothing other than convoluted.
Your approach violates the principle of Ockham's Razor, under which
in the face of ambiguity, the simpler alternative is inherently
preferred.
Examining assumptions, clarifying language, and producing alternative
interpretations is valuable up to a point. But there is a point beyond
which it is counterproductive. I believe that when we have disagreement
over the meaning of words like "false" and "deny" in the context of
PKIX, we have crossed that point.
It appears that only you believe that the keyUsage field must be
interpreted as an interdependent unit instead of a collection of
independent usages, and that the PKIX definition is incorrect and
must be rewritten. The straightforward interpretation is that the
bits are independent and can be set in any combination, subject to
domain-dependent decisions concerning security assurance, usability,
cost, etc.
If we accept your interpretation that there are 4 flavors {A,B,C,D} of
things that can be done with a digital signature algorithm that
"support a nonrepudiation service", and assume that there are 7 other
things {E,F,G,H,I,J,K} that can be done with a digital signature algorithm,
two of which are signing key certs {F} and signing CRLs {G}, then the
straightforward interpretation says that the keyUsage bits enable the
digital signature "things" in an independent manner:
keyUsage Bit     Things that can be done with digital signatures/keys
DS NR KS CS      A B C D E F G H I J K      (.=No, Y=Yes)
-----------      ---------------------
 0  0  0  0      . . . . . . . . . . .
 0  0  0  1      . . . . . . Y . . . .
 0  0  1  0      . . . . . Y . . . . .
 0  0  1  1      . . . . . Y Y . . . .
 0  1  0  0      Y Y Y Y . . . . . . .
 0  1  0  1      Y Y Y Y . . Y . . . .
 1  0  0  0      . . . . Y . . Y Y Y Y
 1  1  0  0      Y Y Y Y Y . . Y Y Y Y
 1  1  1  1      Y Y Y Y Y Y Y Y Y Y Y
If a consensus is later reached that there is a fifth digital signature
thing {E} which supports non-repudiation, then thing E would be
indicated by the NR bit instead of by the DS bit. But that does not
mean that the settings of the DS and NR bits have somehow become
dependent; they can still be set in any combination, and they still
legitimately signify sets of "things" as long as the things themselves
are not mutually exclusive. (You can't, for example, define thing "C"
as "not-K").
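An added worked example, not from this thread or from any PKIX implementation: it decodes a DER-encoded KeyUsage BIT STRING using the X.509/PKIX bit positions for digitalSignature (0), nonRepudiation (1), keyCertSign (5) and cRLSign (6), then applies the independent-bits reading above. The letter sets A..K and the mapping of each bit to them are the post's placeholders, assumed here exactly as in the table.

```python
# Added example, not from the original post or any PKIX implementation.
# Decode an X.509 KeyUsage BIT STRING and apply the "independent bits"
# reading: each set bit contributes its own set of "things", and the
# enabled set is simply the union.

# X.509/PKIX KeyUsage bit numbers; bit 0 is the most significant bit of
# the first data byte of the BIT STRING.
KEY_USAGE_BITS = {"DS": 0, "NR": 1, "KS": 5, "CS": 6}

# The post's placeholder letters: NR -> {A,B,C,D}, KS -> {F}, CS -> {G},
# DS -> {E,H,I,J,K} (assumed mapping, as in the table above).
THINGS = {"DS": frozenset("EHIJK"), "NR": frozenset("ABCD"),
          "KS": frozenset("F"), "CS": frozenset("G")}
ALL_THINGS = "ABCDEFGHIJK"

def decode_key_usage(der):
    """Parse a DER BIT STRING (tag 0x03, short length) into named bit flags."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or length != len(der) - 2:
        raise ValueError("bad or unsupported length")
    unused, data = der[2], der[3:]
    total_bits = len(data) * 8 - unused  # trailing zero bits are omitted in DER
    def bit(n):
        return n < total_bits and bool(data[n // 8] & (0x80 >> (n % 8)))
    return {name: bit(n) for name, n in KEY_USAGE_BITS.items()}

def enabled_things(flags):
    """Independent reading: union of the sets for every bit that is on."""
    result = frozenset()
    for name, on in flags.items():
        if on:
            result |= THINGS[name]
    return result

def table_row(flags):
    """Render one row in the post's '.'/'Y' notation."""
    enabled = enabled_things(flags)
    bits = " ".join(str(int(flags[n])) for n in ("DS", "NR", "KS", "CS"))
    return bits + "   " + " ".join("Y" if t in enabled else "." for t in ALL_THINGS)

# Constructed sample: digitalSignature, nonRepudiation, keyCertSign and cRLSign
# all set -> bits 0,1,5,6 -> 0xC6 with 1 unused trailing bit.
SAMPLE_DER = bytes.fromhex("030201c6")
```

Feeding the last four rows of the table back in as encodings (e.g. 03 02 06 C0 for DS+NR) reproduces the same Y/. pattern, which is the independence claim stated as a check.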