From: Brad Templeton (brad@templetons.com)
Date: Mon Oct 15 2001 - 14:49:18 CDT
On Mon, Oct 15, 2001 at 09:58:08AM +0000, Charles Lindsey wrote:
> In <20011012111759.C4901@main.templetons.com> Brad Templeton <brad@templetons.com> writes:
>
> >> >Why is putting the certificates in the articles so bothersome to you?
>
> Because they are large and cumbersome. They may be better in the case
> where millions of keys exist on Usenet, and every site needs to be able to
> verify any of them, but I don't accept that is a ball park we want to be
> playing in.

Ah. The point is that long certificate chains would exist extremely rarely.
Any time a chain is going to be used with any frequency, it will be
recommended that a certificate collapse be done.

In a certificate collapse (which I've talked about a lot so I am surprised
you were unaware) the holder of a chain of certificates sends the chain
to the holder of the top key in the chain. That holder (or a daemon, as this
can easily be automated) converts the chain into a single certificate
signed by the top key.

I.e., if Harry has a chain that says:

"I, Tale of the top level key certify that Joe has root power for comp.*
Joe certifies that Fred has root power for comp.sys.*
Fred certifies that Harry is moderator of comp.sys.apple"

Then Harry sends that to Tale's bot. Tale's bot looks at the chain, confirms
that all certificates are supersets of the final one and issues:

"I, Tale, of the top level key certify Harry as moderator of comp.sys.apple"

And now Harry has a single certificate that he can put in all the articles
he approves.

One can in theory go further. For example, a "hub site" that knows all its
leaf downstreams and is trusted by them could replace it all mid-stream,
if you want to be efficient, with a simple signature, or if the link is
trusted, a single flag that says, "Your hub confirms this article is trusted."
However, I don't recommend this any more because I think it's better to
leave the audit trail behind.

Now, on messages like newgroup, which are extremely rare, why not leave the
whole chain? But if you will be signing a lot, then get a collapsed
cert.
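
An added illustration of the certificate collapse described in this message (not part of the original post, and not code from any Usenet software): a sketch of what the top key holder's bot checks before issuing the single certificate. The certificate fields, the role names, the functions `issue`, `valid`, `covers` and `collapse`, and the keys are all assumptions made for the example, and HMAC stands in for real public-key signatures.

```python
import hashlib
import hmac

# Constructed demo keys. HMAC stands in for public-key signatures so the
# example runs on the standard library alone; a real scheme would verify
# each link against the issuer's public key.
KEYS = {n: hashlib.sha256(n.encode()).digest() for n in ("Tale", "Joe", "Fred")}
TOP = "Tale"

def _sig(issuer, subject, role, scope):
    msg = "\n".join((issuer, subject, role, scope)).encode()
    return hmac.new(KEYS[issuer], msg, hashlib.sha256).hexdigest()

def issue(issuer, subject, role, scope):
    return {"issuer": issuer, "subject": subject, "role": role,
            "scope": scope, "sig": _sig(issuer, subject, role, scope)}

def valid(cert):
    if cert["issuer"] not in KEYS:
        return False
    expected = _sig(cert["issuer"], cert["subject"], cert["role"], cert["scope"])
    return hmac.compare_digest(expected, cert["sig"])

def covers(outer, inner):
    """True if hierarchy pattern `outer` is a superset of `inner`."""
    if outer.endswith(".*"):
        return inner.startswith(outer[:-1])
    return outer == inner

def collapse(chain):
    """Check a chain rooted at TOP and return one certificate signed by TOP."""
    if not chain or chain[0]["issuer"] != TOP:
        raise ValueError("chain does not start at the top key")
    final = chain[-1]
    for i, cert in enumerate(chain):
        if not valid(cert):
            raise ValueError(f"bad signature on link {i}")
        if i and cert["issuer"] != chain[i - 1]["subject"]:
            raise ValueError(f"link {i} not issued by previous subject")
        if cert is not final and cert["role"] != "root":
            raise ValueError(f"link {i} does not delegate root power")
        if not covers(cert["scope"], final["scope"]):
            raise ValueError(f"link {i} does not cover {final['scope']}")
    return issue(TOP, final["subject"], final["role"], final["scope"])

# The chain from the message: Tale -> Joe -> Fred -> Harry.
CHAIN = [issue("Tale", "Joe", "root", "comp.*"),
         issue("Joe", "Fred", "root", "comp.sys.*"),
         issue("Fred", "Harry", "moderator", "comp.sys.apple")]
```

Calling `collapse(CHAIN)` yields one certificate from Tale naming Harry as moderator of comp.sys.apple; a chain whose upper links do not cover the final scope, or whose signatures do not verify, is refused.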