Message-Id: <9306122227(_dot_)AA18404(_at_)TIS(_dot_)COM>
Subject: Re: (Non-PEM) self-signed certificate
Date: Sat, 12 Jun 93 18:27:22 -0400
From: Stephen D Crocker <crocker(_at_)TIS(_dot_)COM>
As you said, you have to check that the key is the same one you saw
before. Otherwise someone could choose the same dname, (presumably
with a different key), and you could be spoofed if you didn't check
the key.
Yes, you're correct. Of course, I have long been in favor of using the
public key itself as the primary sorting key or identifier of people in PEM
software, using the dname only as secondary information:
1. We know the public key is unique. Attempts to make the dname
unique lead to all sorts of administrative debates which seem to
retard the deployment of PEM.
2. We know that a self-signed public key is valid (came from its
owner). We know a dname is valid only if it's signed by someone we
trust -- therefore we need a trust hierarchy.
Personna certificates give what I'm asking for -- but less directly than if
we had used the public key as the person identifier in the first place.
Of course, I know I've lost that battle every time I tried it, so I note
that here only for historical purposes...not to join the battle again.
- Carl