Re: Global PKI on DNS?
2002-06-14 05:30:10
Ed,
Keith Moore wrote:
> A PKI modeled on the DNS would parallel
> the existing hierarchy and merely codify the relationships expressed
> by it in the form of public key certs.
so what you're saying is that the cert would mean something like:
;-) actually, to a lawyer, a PKI cert says something like:
"By issuing this certificate We state in accordance with the rules which We
make and vary as We think fit for that purpose from time to time without
accepting any obligation to any other person (including any Internet
standardization entity) for the effect or consequences of Our choice of
those rules or of Our variation of them, hereafter called "CPS," that:
Good start.
1. The text string herein designated 'name' contains the string received by Us
from a person, entity or machine, hereafter called entity, claiming it as that
entity's name.
Note that we are talking about certs with DNS names, not general DNs,
and the DNS name is precisely what any DNS admin already asserts is
accurately represented in the DNS server he/she manages.
2. We may have taken some measures at some time to receive evidence (which
We may not have preserved and may not be able to produce) of a
connection between the name and the entity from whom it was apparently
received.
Again, because of the name space in question, and the intrinsic
limitations on what names can be asserted as one goes deeper in the
hierarchy, the issue you cite here is not that big a deal.
3. We have reproduced the string as We believe that We received it, which
We have denoted and formatted as to Our exclusive understanding of it,
of its context and of its validity, as regulated by Our CPS.
Formatting is well defined and limited in DNS names, e.g., they are
restricted to a restrictive, caseless character set (prior to
internationalization).
4. We may have tested the bit string herein designated 'key' to test whether,
at the date appearing in this certificate, it appears to correspond to a
counterpart apparently available to the entity from whom We apparently
received the name.
Whether POP was employed or not should be part of the CPS, as you
know, so this point is inappropriately vague.
5. We are whom We claim to be. This claim can be verified by checking Our
signature on this certificate We supply with a key which We claim to be Our
public key. We do not offer you any grounds for believing that the public
key in question is Our public key or that it has not been revoked before
or after the date of signature of this certificate. The only evidence We
provide of the correctness of the date of signature stated in this certificate is
that it is dated before the date on which you are reading this certificate.
Except at the root, the CA is who the next higher tier has verified
it to be, which is precisely what the DNS asserts today, but without
any security mechanisms for assurance.
6. We may revoke this certificate at any time without telling you or anyone
else. The fact that you have downloaded this certificate from Our server
does not mean that it has not previously been revoked. The fact that no
revocation for it can be found in Our server does not mean that this
certificate is valid either.
7. You may rely on this certificate only at your own risk, and by so doing
you confirm your acceptance of the conditions subject to which it is issued
as stated in the CPS for the time being in force, which is not to be
construed as any obligation regarding the time this certificate was signed by Us or
used by you. These conditions include terms prohibiting you from claiming
to be inadequately qualified or trained to understand or apply the conditions,
or to have relied upon Us as an expert, or that you were forced to rely on
Us through lack of information with which to verify Our statements, or that
you were forced to rely on Us through lack of choice by any reason such as
the named entity's lack of alternatives for certificates, the browser's lack
of alternatives for embedded root keys, etc.
And how would this be worse than relying on unsecured DNS responses?
8. What public-key cryptography has joined, may time and machines not part,
but of such binding We provide no assurance.
In Honor of Our Root-Certificate, which attests to Our faith in the
Root-Key, until We decide to revoke them but maybe not both."
Again, if one established a PKI that paralleled the DNS, item 8 would
apply to only one point in the system, and that could be managed in a
parallel, distributed signature fashion.
I think your sample CPS, while more than a little tongue in cheek, is
a good example of what a CA may assert. But, in the DNS context, many
of the issues you note are much less serious concerns than in a
general CA context, because of the existing limitations on the names,
the existing semantics associated with names by the DNS, ...
Steve
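
The name-subordination property this message relies on (a CA at one tier of the DNS can only certify names beneath its own), sketched as an added example that is not part of the original message. The chain layout, function names and sample names are constructed assumptions.

```python
# Added illustration; the chain format and all names are constructed, not from the thread.

def labels(name):
    """Split a DNS name into lowercase labels, ignoring a trailing root dot."""
    name = name.rstrip(".").lower()          # DNS names compare caselessly
    return name.split(".") if name else []   # "" or "." denotes the root

def is_subordinate(child, parent):
    """True if `child` lies strictly below `parent`, matched on whole labels."""
    c, p = labels(child), labels(parent)
    # Comparing label lists (not raw strings) keeps "evilexample.com"
    # from passing as a child of "example.com".
    return len(c) > len(p) and (not p or c[-len(p):] == p)

def check_chain(chain):
    """chain: list of (issuer_zone, subject_name) pairs, root-issued cert first.
    Returns the index of the first cert that breaks the hierarchy, or None."""
    expected_issuer = ""                     # the first cert must come from the root
    for i, (issuer, subject) in enumerate(chain):
        if labels(issuer) != labels(expected_issuer):
            return i                         # not issued by the tier directly above
        if not is_subordinate(subject, issuer):
            return i                         # name outside the issuer's subtree
        expected_issuer = subject
    return None

# Constructed sample chains.
GOOD = [(".", "com"), ("com", "Example.COM"), ("example.com", "www.example.com")]
LOOKALIKE = [(".", "com"), ("com", "example.com"),
             ("example.com", "www.evilexample.com")]
CROSS_TLD = [(".", "com"), ("com", "example.com"), ("example.com", "www.example.org")]
WRONG_ISSUER = [(".", "com"), ("org", "example.org")]

if __name__ == "__main__":
    for name, chain in [("GOOD", GOOD), ("LOOKALIKE", LOOKALIKE),
                        ("CROSS_TLD", CROSS_TLD), ("WRONG_ISSUER", WRONG_ISSUER)]:
        print(name, check_chain(chain))
```
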