[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Server-signatures: Re: proposed key usaged text -- the final round

To: "Denis Pinkas" <Denis.Pinkas@xxxxxxxx>, "Russ Housley" <housley@xxxxxxxxxx>, "Tim Polk" <wpolk@xxxxxxxx>, <ietf-pkix@xxxxxxx>
Subject: Server-signatures: Re: proposed key usaged text -- the final round
From: "Anders Rundgren" <anders.rundgren@xxxxxxxxxx>
Date: Sun, 28 Nov 1999 09:08:32 -0000

Hi Guys,
I just wonder how your NR-text matches server-based signatures.
The following text of yours indicates some problems in this area:


    >The protection afforded private keys is a critical factor in main-
    >taining security. On a small scale, failure of users to protect
    >their private keys will permit an attacker to masquerade as them, or
    >decrypt their personal information. [stuff about CA keys deleted]


"entity owning the private keys" used in other places looks like a
good replacement for user.   Or why not start with a definition of
user that can be both a person or a device and that
a person can be the owner or just be a trusted user (employee) of said private keys?

Anders

Follow-Ups:
- Re: Server-signatures: Re: proposed key usaged text -- the final round
  - From: Tony Bartoletti

Prev by Date: Re: proposed key usaged text -- the final round
Next by Date: dnQualifier topic - not solved yet.
Previous by thread: IPSec 2000
Next by thread: Re: Server-signatures: Re: proposed key usaged text -- the final round
Index(es):
- Date
- Thread