ietf-smime
[Top] [All Lists]

Re: I-D ACTION:draft-ietf-smime-ess-09.txt

1998-10-24 10:10:33
Francois Rousseau wrote:


It is my understanding that under the German digital signature law, before
a private key can be used to digitally sign something, every usage of the
key requires a new card holder verification. To accommodate this
requirement there is currently a plan for extending PKCS#11 with new
functions and a new attribute. The intention is that a PIN would be needed
each time the private key is being used. However, for reliable
non-repudiation, there are no means to indicate that such a verification of
the PIN was performed under the current signed data syntax of CMS. The
counterSignatureScope attribute could be generalized/expanded in a
"signatureScope" attribute to also address this scenario and possibly others.

Any thoughts?


I'm not sure I follow this. If the "signatureScope" is meant to be a
signed attribute and signed by the signer then it would not be
trustable: any certificate (whether the verification was performed or
not) could include any value they wanted.

There are several possible alternatives. One is an indicator in the
signer's certificate (or issuing CA): since this is signed by the CA it
would be trustable, but that makes it a PKIX issue. This might add a
complication to the S/MIME chain verification in some cases.

Alternatively a countersigner could verify that the siging certificate
was valid for this purpose and include a bit in the proposed
counterSignatureScope signed attribute. This adds the complication that
the client would need to trust the counter signing authority as a "proxy
chain verifier". 

Steve.
-- 
Dr Stephen N. Henson. UK based freelance Cryptographic Consultant. 
For info see homepage at http://www.drh-consultancy.demon.co.uk/
Email: shenson(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk
PGP key: via homepage.


<Prev in Thread] Current Thread [Next in Thread>