Actually, isn't that really what is proposed by putting attributes into the
certificate? Are you asking someone for assurance that the signature and,
therefore, that which is signed, is not a lie?
Actually, all sardonic wit aside, this is a REALLY good question, and it
underlies
a lot of the arguing back and forth about what a digital signature means, what
is implied by a CA vouching for a users, etc. I think you have hit the nail on
the
head.
Steve Kent and others argue eloquently, and maybe even fairly persuasively,
that the current X.509 certificate is intended for identification only, and that
there are no semantics, implied or otherwise, to a digitally signed message
unless arranged by an out-of-band agreement.
I have a real problem with that, even if the X.509 certificate was only used to
confirm as user's identity prior to starting a encrypted dialog with him.
In particular, if a user is issued a certificate by an organization who
CERTIFIES him (as opposed to merely registering his name), every lawyer
I have ever talked to would be more than willing to take the case claiming
a deep pockets relationship between the user and the organization.
This isn't news, of course. If you say or write anything at all, someone could
potentially sue you, and your company, etc., etc. The difference lies in the
shifting of the burden of proof, and the extent to which a digital signature
will
be considered more of an oath or affirmation by its more solemn nature, not
unlike having a document notarized.
(In the US and English common law system, unlike the civil law system in the
predominately Catholic countries, a notary's seal is almost worthless.
Contrary to most people's understanding, lying under oath to a notary does not
even
constitute perjury, except in the state of Florida and in cases involving
federal
procedures where self-sworn oaths under perjury carry equal weight. In the past,
when arguably people were more God-fearing and less lawyer-fearing, swearing
under oath to a notary was presumed to be an invitation for God to strike you
dead with a lightening bolt if you lied. Unfortunately, that doesn't happen
very often, and so it has lost its deterrance effect. (As Jay Leno observed
recently,
maybe even God has a hard time getting a jury to convict these days.)
Nonetheless,
a statement that is sworn before a notary carries with it some additional
weight of
burden of proof, and it makes repudiation much more difficult. There would seem
to
be some reason to think that the same would happen with a digital signature.)
Although I certainly respect Steve's expertise in many of these areas, I would
rather have a lawyer represent me on this issue.
The real question, therefore, is how to effectively implement the Orwellian
imperative, "Everything Which Is Not Explicitly Allowed is Forbidden," so that
the
implied liability is not unlimited. In other words, how can we make attributes
strictly additive, and therefore completely determinate?
BTW, after reading some of Micahel Baum's tome on the legal implications of a
Federal Certification Authority, I was struck by the difference in implication
between a Certification Authority and a Registration Authority. It seems to me
that, just as you said, a CA provides assurance, and by implication INSURANCE,
that the user is who he says he is, and that he is not misrepresenting himself
or the message.
On the other hand, a REGISTRATION authority merely testifies to someone's
name, a la a driver's license when used for identification.
That being the case, maybe we should talk about a Residential Person
REGISTRATION Authority, rather than a Certification Authority? At least
if the Post Office or the Dept. of Motor Vehicles is responsible, I think that
is the
best they can do. Now if your local bank, attorney, common carrier, or other
organization with which you have a permanent and ongoing relationship
wants to certify you to some higher standard, that is fine. At least they will
be in a better position than the Post Office to know if you are alive or dead
(witness the old lady who was dead for four years before anyone knew!)
Bob