
signing entity in X.509



All:

The question has been called by Tony Bartoletti, whether "signing
entity" should be read (and, written) as "certificate subscriber" in one
of the definitions for non-repudiation (NR) found in X.509:

 nonRepudiation:  for verifying digital signatures used in providing
 a nonrepudiation service which protects against the signing entity
 falsely denying some action (excluding certificate or CRL signing,
 as in f) or g) below)


I wish to provide some of my conclusions on this, which may be
useful at this time.

There is a single occurrence of the words "signing entity" in X.509
and they occur only in that one definition for non-repudiation copied
above.  Since certificate or CRL signing are *excluded* from that NR
definition, the "signing entity" cannot be the CA.

Next, I recall that while X.509 focuses on defining a mechanism by
which information can be made available in a secure way to a third-party,
X.509 does not intend to address the level of effort which is needed
to validate the information in a certificate nor define a global
meaning to that information outside the CA's management acts.
The main purpose of a CA is to bind a public key to the name
contained in the certificate and thus assure third parties that some
measure of care was taken to ensure that this binding is valid for
both -- i.e., name and key. However, the issue whether a user's DN
actually corresponds to identity credentials that are linked to a
person or simply to an e-mail address -- and how such association
was verified --  is outside the scope of X.509 and depends on each
CA's self-defined CPS.  For X.509 quotes supporting these
conclusions, see [1].

In other words, X.509 deals with abstract and formally defined protocol
entities such as name and key, while the CPS is the interface between
such abstract entities and materially defined entities with flesh, blood,
nuts, bolts and legal papers such as persons, machines and companies.

Further, and this was a design choice of X.509, the very specification
how this interface is to be built and work is NOT given in X.509 but
left to the interface itself [2].  So, a CPS may assign a DN to a machine,
a person or a corporation in one-to-one, many-to-one, one-to-many,
many-to-many and even any-to-none combinations -- which DN becomes
then the entity called "certificate subject" in X.509.

So, "signing entity" as cited in one NR definition of X.509 could only be
an entity of X.509, not of the CPS (the world of persons and corporations).
Since it cannot be the CA (excluded in the NR definition), it can only be
the certificate subject.

Thus, it would be beneficial to deprecate the term "signing entity" in
X.509 and use "certificate subject", otherwise implementors and users
may labor under the misleading impression that X.509 deals with persons
or corporations in that regard -- it does not, it generally deals with
credentials and such credentials are quite arbitrarily defined in a CPS.

Comments are welcome.

Cheers,

Ed Gerck

-----------------------------
REFERENCES:

[1] Overview of Certification Systems, in http://www.mcg.org.br/cert.htm

[2] For example, regarding validation procedures for the user's identity,
Section 11.2.a states that: "a certification authority shall be satisfied of
the identity of a user before creating a certificate for it", which means that
identity validation procedures are to be satisfied in the CA's frame of
reference by following the CA's own self-defined rules (called CPS), which
are declared outside the scope of X.509 and can be entirely different for
different CAs. [1. ibid.]
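As an added illustration (not part of the original message), the following Python decodes the X.509 keyUsage BIT STRING and applies the NR definition quoted above under the reading argued for here: the entity whose signature the NR service covers is the certificate subject, and certificate signing (keyCertSign, item f) and CRL signing (cRLSign, item g) are excluded. The DER byte strings and subject names are constructed sample values; `nr_signing_entity` is a hypothetical helper name.

```python
# Added example, not from the original post. Decodes a DER KeyUsage BIT STRING
# and applies the nonRepudiation definition quoted in the message.
# Sample DER values in the tests and comments are constructed for this example.

# Bit positions as listed in X.509 keyUsage (a) .. i)); f) and g) are the
# certificate and CRL signing usages that the NR definition excludes.
KEY_USAGE_BITS = [
    "digitalSignature",   # bit 0, a)
    "nonRepudiation",     # bit 1, b)
    "keyEncipherment",    # bit 2, c)
    "dataEncipherment",   # bit 3, d)
    "keyAgreement",       # bit 4, e)
    "keyCertSign",        # bit 5, f)
    "cRLSign",            # bit 6, g)
    "encipherOnly",       # bit 7, h)
    "decipherOnly",       # bit 8, i)
]


def decode_key_usage(der: bytes) -> set:
    """Parse a DER-encoded KeyUsage BIT STRING (tag 0x03) into its named bits."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length = der[1]
    # KeyUsage is at most two content bytes, so only short-form length is valid.
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("bad length")
    unused, body = der[2], der[3:]
    if unused > 7 or (not body and unused):
        raise ValueError("bad unused-bits count")
    total_bits = len(body) * 8 - unused
    names = set()
    for i in range(min(total_bits, len(KEY_USAGE_BITS))):
        if body[i // 8] & (0x80 >> (i % 8)):   # bit 0 is the MSB of byte 0
            names.add(KEY_USAGE_BITS[i])
    return names


def nr_signing_entity(subject_dn: str, key_usage_der: bytes, action: str):
    """Return the certificate subject if a signature by that subject's key over
    `action` falls under the NR service, else None.
    action is "data" for an ordinary signed object, or "certificate" / "crl"
    for the CA acts that the NR definition itself excludes (f) and g))."""
    usage = decode_key_usage(key_usage_der)
    if action in ("certificate", "crl"):
        return None            # excluded from NR regardless of the bits set
    if "nonRepudiation" not in usage:
        return None            # the NR service is not asserted for this key
    return subject_dn          # the "signing entity" is the certificate subject
```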