Re: Inclusion of the issuer and serial number in authenticated in formation1998-03-18 11:59:44Denis Pinkas writes: (Response from Jim) Denis, This is not sufficent to fix your problem. If the Postal Service in Banana Republic is using the same name, why would they not use the same serial number as well? In the case I described, they do use the same serial number. I believe that you are mistaking Jim's point. He was suggesting that the Postal Service use the same serial number in its own (self-signed) certificate that the Postal Service in the US uses. This produces an identical sequence either way. Then you would not have any advantage by putting in the sequence to the issuer. Not exactly. The next sequence (assuming it ends up to a trust point) will allow to make the difference between the Postal Service from the US and the postal Service from the Banana Republic. If this is not yet a trust point, then you add another leg and so on until you reach a trust point. A I said, this is one possibility among others. But supposing that our cracker is churning out certificates willy-nilly, he can reproduce and replace as many issuer-serialnumber pairs as he wishes. The point at which his attack fails is when the chain you're validating reaches a trust point. The solution to this is that you don't trust the certificates in the message independant of other verification, and a sequence of IaSNs doesn't affect this one way or the other. To recap: Jim's suggestion was a solution to the problem of a cracker substituting one of my certs for the other, when both contain the same public key, but they have different legal meanings. I'm not aware of a CA anywhere which has seperate certs for itself with different dnames and the same public key; I'd imagine that CA would be asking for trouble. Instead we should have something like: The certUID is the Certificate Unique Identifier. I have no problem with this as an authenticated attribute. Andrew.
|
|
||||||||||||||||