Ken Hirsch wrote:
From: "Doug Royer" <Doug(_at_)Royer(_dot_)com>
No, the identity matches the cert. You're talking about content fraud, not identity fraud.

Consider the following two scenarios.

1. A person lies to the CA about their identity, yet the CA issues them a certificate. E.g. http://www.microsoft.com/technet/security/bulletin/MS01-017.mspx

Yes - and that CERT was REVOKED before most people knew of the fraud or error. Try to use it and all receiving systems tag it as an invalid revoked signature, because the revocation list for that CA lists that serial number as revoked. Problem solved, and that fixed the problem. So in effect the CERT was blacklisted by all sites even when they do not use blacklists. Because it works to use certs.

2. An email worm installs spyware which steals certificates off of PCs and installs keystroke logging software to steal the password. A spammer uses the thousands of certificates to send email.

As soon as the blacklist sites detect it as spam, that cert is blacklisted. Problem solved: no matter how many variations or password protected zip files it sends, it is stopped once that cert is blacklisted. In many cases within minutes of the start of the spamming, when they spam some sites. Because certs work.

Now the owner of that cert can contact their CA and say it was stolen, and have that serial number revoked. Now it is invalid to all sites, even to sites that do not use blacklists.

If either of these results in somebody sending mail claiming to be "Doug(_at_)Royer(_dot_)com", is this identity fraud or content fraud?

Try to buy an email cert from a CA that I trust for royer.com. Same thing I told the other guy - I'll pay you twice their fee if you can get an email cert for a royer.com email address.

If the content of the email says I am 'Royer Real Estate' (royer.ca) and I am not, and then I sign it doug(_at_)royer(_dot_)com, then it is content fraud and not identity fraud, because my identity is 'doug(_at_)royer(_dot_)com' and that is what the valid signature says.
--
Doug Royer | http://INET-Consulting.com
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com | Office: (208)520-4044
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
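The revocation check the reply relies on (a receiving system rejects a signature whose certificate serial number appears on the issuing CA's CRL), as an added example that is not part of the thread: it builds a throwaway CA, an email certificate and a CRL in memory with the `cryptography` library, and also shows why a CRL must be checked against the CA's own key before it is trusted.

```python
"""Revocation check: a signature from a certificate whose serial number is on
the issuing CA's CRL is rejected. All keys, certs and the CRL below are
constructed in memory for the example; nothing here is a real CA or address."""
import datetime
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec

NOW = datetime.datetime(2024, 1, 1, tzinfo=datetime.timezone.utc)
YEAR = datetime.timedelta(days=365)

def make_ca():
    """Self-signed CA (constructed for the example)."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example CA")])
    cert = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(key.public_key()).serial_number(1)
            .not_valid_before(NOW).not_valid_after(NOW + YEAR)
            .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
            .sign(key, hashes.SHA256()))
    return key, cert

def issue_email_cert(ca_key, ca_cert, email, serial):
    """End-entity S/MIME-style cert for one address, with the given serial."""
    key = ec.generate_private_key(ec.SECP256R1())
    subject = x509.Name([x509.NameAttribute(NameOID.EMAIL_ADDRESS, email)])
    return (x509.CertificateBuilder().subject_name(subject)
            .issuer_name(ca_cert.subject).public_key(key.public_key())
            .serial_number(serial).not_valid_before(NOW)
            .not_valid_after(NOW + YEAR).sign(ca_key, hashes.SHA256()))

def publish_crl(ca_key, ca_cert, revoked_serials):
    """The CA's CRL: one entry per revoked serial number, signed by the CA."""
    builder = (x509.CertificateRevocationListBuilder().issuer_name(ca_cert.subject)
               .last_update(NOW).next_update(NOW + datetime.timedelta(days=7)))
    for serial in revoked_serials:
        builder = builder.add_revoked_certificate(
            x509.RevokedCertificateBuilder().serial_number(serial)
            .revocation_date(NOW).build())
    return builder.sign(ca_key, hashes.SHA256())

def check_cert(cert, crl, ca_cert):
    """Receiver-side check: 'bad-crl' if the CRL is not signed by the issuing
    CA (it must not be possible to un-revoke with a forged CRL), 'revoked' if
    the cert's serial is listed, else 'valid'."""
    if not crl.is_signature_valid(ca_cert.public_key()):
        return "bad-crl"
    if crl.get_revoked_certificate_by_serial_number(cert.serial_number) is not None:
        return "revoked"
    return "valid"
```

A real verifier would also validate the certificate chain, the signature over the message itself and the CRL's `next_update` freshness; this block isolates the serial-number lookup the reply describes.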