pem-dev

COST-PEM and Certificate Validation

1993-06-15 08:13:00

Dear Mr. Lowry:

You and Mr. G. Bailey have raised some very significant
questions, related not only to our current PEM implementation,
but, I should say, to the whole of the PEM specifications.

1. Our CURRENT PEM implementation does not distribute CRLs,
   but one of the future versions will. Our current approach
   is based on the availability (to users) of CURRENTLY VALID
   certificates, vs. all revoked certificates. After all,
   those are what you need.

2. I wonder, if you don't trust some CA to send you the CURRENTLY
   VALID certificates in the path of your partner, how can
   you trust the same CA to send you the CRL, when both
   messages are THE SAME TYPE of PEM letter (MIC-ONLY)?

3. The problem of stolen certificates (a challenge to our
   implementation!) is in fact the problem of the "delay"
   period. But that period exists even in the current PEM RFCs,
   since CRLs are distributed only periodically. I wonder
   how Mr. Bailey would solve his problem of a stolen
   certificate in the period while the victim's partners still
   haven't received the CRL.

4. The problem of a criminal family, i.e. a false CA: in our
   implementation, in order to keep a strict hierarchy of
   CAs, that is not possible, since every one of our CAs "knows"
   its upper-level CA and its subordinate-level CAs.
   If the CA structure is an "open system", so that any entity
   able to perform CA functions can apply and be
   registered by any other CA, how can the hierarchy be
   guaranteed?

5. Regardless of our "acceptance" of the necessity of CRLs,
   I must admit that I don't see, even in the coming versions
   of our system, how they will be implemented, since, as far
   as I understand the PEM RFCs, EVERY USER MUST HAVE ALL THE CRLs
   of ALL CAs above ALL OF HIS PARTNERS!!! Next, when some
   user sends a new certificate to the CA, i.e. declares the current
   one as revoked, how will that CA know where (around the world)
   that user has distributed his certificate and where to send
   the CRL?

I would like to emphasize again that IN THIS STAGE and IN THIS
VERSION of the COST-PEM system, we didn't pay so much attention
to the CRLs, which I have explicitly stated in our PCA
policy. Therefore, I do not claim that our system is fully
in compliance with the PEM RFCs, but I am sure that it is
WORKABLE and represents a good basis for initial practical
experience for our (future) users and a good basis for
further improvements.

Regards,

Sead Muftic
COST Computer Security Technologies AB
Stockholm, Sweden
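The points above (a strict CA hierarchy in which every CA knows its parent and children, a relying party needing a fresh CRL from every CA on a partner's path, and the "delay period" in which a stolen certificate still validates because the partner holds an older CRL) can be seen in a small model of certification-path validation. The following is an added example written for this archive page; it is not code from the post, from COST-PEM or from any PEM implementation. Certificates and CRLs are plain records without real signatures, and every name, serial number and date is constructed for illustration.

```python
# Model of PEM-style certification-path validation with CRLs.
# Added example, not COST-PEM code: records carry no real signatures;
# only the validation logic is modelled.  All names, serials and dates
# below are constructed.
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    not_after: datetime
    is_ca: bool = False


@dataclass(frozen=True)
class CRL:
    issuer: str
    this_update: datetime
    next_update: datetime
    revoked: FrozenSet[int]          # serial numbers revoked by this issuer


class PathValidator:
    """One relying party's view: a trust anchor, the certificates it holds,
    and the CRLs it has received so far."""

    def __init__(self, trust_anchor: Cert, certs: List[Cert], crls: List[CRL]):
        self.anchor = trust_anchor
        self.certs: Dict[str, Cert] = {c.subject: c for c in certs}
        self.certs[trust_anchor.subject] = trust_anchor
        self.crls: Dict[str, CRL] = {c.issuer: c for c in crls}

    def build_path(self, subject: str) -> Optional[List[Cert]]:
        """Follow issuer links from the end entity up to the trust anchor.
        A self-declared CA (point 4) never reaches the anchor and is rejected."""
        path, seen = [], set()
        cur = self.certs.get(subject)
        while cur is not None:
            if cur.subject in seen:          # loop: a CA that only vouches for itself
                return None
            seen.add(cur.subject)
            path.append(cur)
            if cur.subject == self.anchor.subject:
                return path
            cur = self.certs.get(cur.issuer)
        return None

    def validate(self, subject: str, now: datetime) -> Tuple[str, str]:
        """Return (status, reason); status is valid, revoked, unknown or invalid.
        'unknown' means the path is intact but a CRL is missing or stale, so the
        relying party cannot decide (point 5: a CRL from every CA is needed)."""
        path = self.build_path(subject)
        if path is None:
            return "invalid", f"no path from {subject} to anchor {self.anchor.subject}"
        for cert in path[:-1]:               # path[-1] is the anchor itself
            issuer = self.certs[cert.issuer]
            if not issuer.is_ca:
                return "invalid", f"{cert.subject} issued by non-CA {issuer.subject}"
            if now > cert.not_after:
                return "invalid", f"{cert.subject} has expired"
            crl = self.crls.get(cert.issuer)
            if crl is None:
                return "unknown", f"no CRL from {cert.issuer}"
            if now > crl.next_update:
                return "unknown", f"CRL from {cert.issuer} is stale"
            if cert.serial in crl.revoked:
                return "revoked", f"{cert.subject} listed in CRL of {cert.issuer} ({crl.this_update:%Y-%m-%d})"
        return "valid", "path reaches the anchor and every CRL is fresh"


# Constructed hierarchy: Top CA -> COST PCA -> Dept CA -> users.
T0, EXP = datetime(1993, 6, 1), datetime(1994, 6, 1)
ROOT = Cert("Top CA", "Top CA", 1, EXP, is_ca=True)
CERTS = [
    Cert("COST PCA", "Top CA", 2, EXP, is_ca=True),
    Cert("Dept CA", "COST PCA", 3, EXP, is_ca=True),
    Cert("alice", "Dept CA", 10, EXP),
    Cert("bob", "Dept CA", 11, EXP),
    Cert("Eve CA", "Eve CA", 99, EXP, is_ca=True),   # false CA outside the hierarchy
    Cert("mallory", "Eve CA", 100, EXP),
]


def crl(issuer: str, issued: datetime, revoked=()) -> CRL:
    return CRL(issuer, issued, issued + timedelta(days=7), frozenset(revoked))


CRLS_JUNE1 = [crl("Top CA", T0), crl("COST PCA", T0), crl("Dept CA", T0)]
# alice's key is stolen on 3 June; Dept CA issues a new CRL on 4 June.
CRLS_JUNE4 = [crl("Top CA", T0), crl("COST PCA", T0),
              crl("Dept CA", T0 + timedelta(days=3), revoked=[10])]


def scenario() -> Dict[str, str]:
    now = datetime(1993, 6, 5)
    lagging = PathValidator(ROOT, CERTS, CRLS_JUNE1)   # has not fetched the 4 June CRL
    current = PathValidator(ROOT, CERTS, CRLS_JUNE4)
    return {
        "alice_old_crl": lagging.validate("alice", now)[0],   # delay period (point 3)
        "alice_new_crl": current.validate("alice", now)[0],
        "bob": current.validate("bob", now)[0],
        "mallory": current.validate("mallory", now)[0],       # false CA (point 4)
        "no_crl": PathValidator(ROOT, CERTS, CRLS_JUNE4[:2]).validate("bob", now)[0],
        "stale_crl": current.validate("bob", datetime(1993, 6, 20))[0],
    }


if __name__ == "__main__":
    for name, status in scenario().items():
        print(f"{name:15s} {status}")
```

The lagging party still reports alice's certificate as valid on 5 June, which is exactly the window the post calls the "delay" period; nothing in the model closes it except receiving the newer CRL. The `unknown` outcomes show why a relying party must hold a fresh CRL from every CA on the path: a missing or expired CRL leaves the decision undecidable rather than silently accepting the certificate.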
