Re: Problem for public CAs

2000-02-09 09:26:49

Certificates usually contain a subject name and a public key. However, this information is not adequate for a mail user agent to determine which certificate goes with a particular e-mail address. That is why the S/MIME RFCs require the inclusion of the e-mail address in the subjectAltName.

Several people have tried to build S/MIME capabilities that support certificates without an e-mail address in the subjectAltName. The results are security vulnerabilities! The address book must be used to associate the certificate and the e-mail address. Users are not very good at associating the correct certificate with the correct address book entry (that is, the correct e-mail address). This mismatch has impacts on both authentication and confidentiality.


At 02:24 PM 02/07/2000 +0000, Graham Laws wrote:
For public CAs, particularly in Europe, the requirement to place an email
address in the subjectAltName extension of each X.509 public key certificate
in order to enable S/MIME is a big problem.

Firstly, all such certificates must reside in a public Directory. Any
determined spammer is going to be able to easily create an immense spam list
from the Directory's entire certificate population, using a few LDAP calls
and an ASN.1 decoder. Our customers are already nervous at the prospect of
this, and for potential customers it may be a significant bar to take-up.

Secondly, the European Privacy Directive looks very unfavourably upon
real-world identities being in any way expressed both in the Subject and
SubjectAltName attributes of the public key certificate. This would appear
to rule out S/MIME for those whose names are embedded in their email
addresses, e.g.  graham(_dot_)laws(_at_)postoffice(_dot_)co(_dot_)uk

The issues raised by the second point are relatively easy to circumvent. Use
pseudonymous names for the Subject, and insist on a pseudonymous email
address if S/MIME is required.

But the first point about the ease with which spam lists can be created is a
real worrier. I have looked through previous threads, including the one
entitled "Mail addresses in S/MIME certs", but I can't find where these
specific issues have been discussed before.

Comments/discussion via this forum welcome.

Best Regards
Graham Laws

Graham Laws
PKI Systems Technical Consultant
Royal Mail ViaCode      Phone :         +44 (0)1246-293761
Block A, 1st Floor      Postline : 5453-3761
St. Mary's Court                Fax :   +44 (0)1246-293751
St. Mary's Gate
S41 7TD

Public Key Validation String : MXZQ-7MM5-9A58
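
The binding discussed in this thread, sketched as an added example that is not part of the original messages or of any S/MIME implementation: a mail user agent accepts a sender only when the From address appears as an rfc822Name in the certificate's subjectAltName, and rejects a certificate that carries no address rather than falling back to an address-book association. It assumes the Python `cryptography` package; the function names, addresses and certificates are hypothetical and constructed for the example.

```python
import datetime
from email.utils import parseaddr

from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID


def make_cert(common_name, email=None):
    """Build a constructed, self-signed test certificate (sample input only)."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    start = datetime.datetime(2000, 2, 9)
    builder = (
        x509.CertificateBuilder()
        .subject_name(name)
        .issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(start)
        .not_valid_after(start + datetime.timedelta(days=365))
    )
    if email is not None:
        san = x509.SubjectAlternativeName([x509.RFC822Name(email)])
        builder = builder.add_extension(san, critical=False)
    return builder.sign(key, hashes.SHA256())


def cert_emails(cert):
    """Return the rfc822Name values from subjectAltName, lower-cased."""
    try:
        ext = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName)
    except x509.ExtensionNotFound:
        return set()  # no address in the certificate: nothing to bind to
    # Assumption: whole-address case folding is a simplification for this sketch.
    return {a.lower() for a in ext.value.get_values_for_type(x509.RFC822Name)}


def sender_matches_cert(from_header, cert):
    """True only if the From address is named inside the certificate itself."""
    address = parseaddr(from_header)[1].lower()
    return bool(address) and address in cert_emails(cert)
```

The sketch covers only the address binding; chain validation and signature verification of the message are separate steps.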
