From: tytso(_at_)ATHENA(_dot_)MIT(_dot_)EDU (Theodore Ts'o)
To: James M Galvin <galvin(_at_)tis(_dot_)com>
Date: Mon, 14 Feb 94 16:23:58 EST
Date: Fri, 11 Feb 1994 13:33:27 -0500
From: James M Galvin <galvin(_at_)tis(_dot_)com>
In TIS/PEM, a communicant's key is trusted by the user
setting the flag for the certificate containing it.
A communicant's key is always trusted by its issuer,
otherwise the issuer wouldn't be creating the certificate.
Now, it isn't that far a stretch to suggest that a user
setting the designated valid flag for a certificate is
"issuing" it and, as such, the user is responsible for
determining that the information in a certificate is valid
before setting the flag, just as an issuer must do before
creating a certificate.

No, there's a difference between the two.
In the first, anyone who has access to the TIS/PEM key database
can modify it, set the "designated valid bit" and spoof you out.

I fail to see how this vulnerability does not exist for any
implementation of any security service?

In the second case, since you are creating and signing a
certificate, only someone who has access to your private key can
compromise you in this fashion. When you validate the
certificate chain, the last certificate you verify is your own,
instead of checking some magic bit.

If my certificate is one end of every certificate chain, I fail to see
how stopping at the certificate before mine (by checking the "magic bit"
as you say) is any different than stopping at my certificate? In fact,
I believe the former would allow the validation process to complete more
quickly, and thus might be regarded as an enhancement.

This means that my public
key database can be moved around freely without worrying about
tampering, since *all* of the information is self-verifying.

I fail to see how our implementation does not meet this criteria?
Certificates are public information that can be moved around freely and
"easily" verified by anyone receiving them. Feel free to pass around
the "self-verifying" certificates from the TIS/PEM database.
Jim
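
The two trust models debated in this thread, as an added Python sketch (not TIS/PEM code and not written by either correspondent): a trust flag stored beside the certificate, versus an endorsement computed over the certificate with a key only the user holds. Assumptions: HMAC-SHA256 stands in for the user's signature, and the record layout, function names and sample certificates are constructed for illustration.

```python
import hashlib
import hmac

def fingerprint(cert):
    """Database index for a certificate (constructed layout)."""
    return hashlib.sha256(cert).hexdigest()[:16]

# Model 1: trust is a bare flag stored beside the certificate.
def add_flagged(db, cert, designated_valid):
    db[fingerprint(cert)] = {"cert": cert, "designated_valid": designated_valid}

def trusted_by_flag(db, cert):
    rec = db.get(fingerprint(cert))
    return bool(rec and rec["cert"] == cert and rec["designated_valid"])

# Model 2: trust is an endorsement over the certificate bytes, made with a key
# only the user holds. HMAC is an assumption standing in for a signature.
def endorse(user_key, cert):
    return hmac.new(user_key, b"trust-v1\x00" + cert, hashlib.sha256).digest()

def add_endorsed(db, cert, endorsement):
    db[fingerprint(cert)] = {"cert": cert, "endorsement": endorsement}

def trusted_by_endorsement(db, cert, user_key):
    rec = db.get(fingerprint(cert))
    if rec is None or rec["cert"] != cert:
        return False
    return hmac.compare_digest(rec["endorsement"], endorse(user_key, cert))

def demo():
    user_key = b"constructed-user-key-held-outside-the-database"
    alice = b"constructed cert: subject=alice key=AAAA"
    rogue = b"constructed cert: subject=alice key=EEEE"
    flag_db, signed_db = {}, {}
    add_flagged(flag_db, alice, True)
    add_endorsed(signed_db, alice, endorse(user_key, alice))
    # A writer with access to the database, but not to user_key, adds a record
    # and reuses the only endorsement it can read: the one on alice's entry.
    add_flagged(flag_db, rogue, True)
    add_endorsed(signed_db, rogue, signed_db[fingerprint(alice)]["endorsement"])
    return {
        "flag_alice": trusted_by_flag(flag_db, alice),
        "flag_rogue": trusted_by_flag(flag_db, rogue),
        "endorsed_alice": trusted_by_endorsement(signed_db, alice, user_key),
        "endorsed_rogue": trusted_by_endorsement(signed_db, rogue, user_key),
    }

if __name__ == "__main__":
    print(demo())
```

The second model still depends on the verification key being stored somewhere the database writer cannot reach.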