Steve Kent writes:
> 4. Self-signed certificates
> What can I say? Self-signed certificates are almost an
> oxymoron. I do not disagree with the observation that such
> certificates allow bottom up system growth.

Then the question remains whether bottom up system growth should be a
goal of the PEM effort.

> But what you get when
> you take this path is a mess, with no sense of assurance.

Self-signed certificates are currently specified in RFC 1424 as the
mechanism for conveying one's public key to their intended
certificate issuer. I do not perceive this as "a mess with no sense of
assurance". Rather, it is a convenient means for conveying one's
public key to another party which (when an out-of-band check is
performed) can utilize the information to establish trust in the
key-name binding.

> RIPEM, with
> a certificate server capability, is precisely a system that requires
> trust in that server (or set of servers when one isn't enough) and
> that is counter to the goal of certificate use.

RIPEM 1.1 had inadequate security (IMHO) because it _did_ rely on trust
in the key server.

RIPEM 1.2 forces a user to explicitly specify that the key in a
self-signed certificate is to be trusted by creating a certificate for
that key. It does not trust the key in a self-signed certificate
until this explicit certification is performed. This is simply
applying the RFC 1424 certification model on a user-to-user basis.

Cheers,
Steve
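
An added example, not part of the original message and not RIPEM's code: a toy model of the rule described above for RIPEM 1.2, in which a self-signed certificate is trusted only after the user has created a certificate for that key. The `User` class, the names and the textbook-RSA keys built from fixed primes are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def make_key(p, q):
    """Toy textbook RSA from fixed primes: illustration only, not secure."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def _digest(subject, subject_n, issuer_n):
    data = f"{subject}|{subject_n}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % issuer_n

def issue(issuer, issuer_key, subject, subject_n):
    """Sign the binding (subject name, subject public key) with issuer_key."""
    n = issuer_key["n"]
    sig = pow(_digest(subject, subject_n, n), issuer_key["d"], n)
    return {"issuer": issuer, "subject": subject, "n": subject_n, "sig": sig}

def sig_ok(cert, issuer_n):
    return pow(cert["sig"], E, issuer_n) == _digest(cert["subject"], cert["n"], issuer_n)

def is_self_signed(cert):
    return cert["issuer"] == cert["subject"] and sig_ok(cert, cert["n"])

class User:
    def __init__(self, name, key):
        self.name, self.key, self.issued = name, key, []

    def certify(self, cert):
        """Explicit step, taken only after an out-of-band check of the key."""
        if not is_self_signed(cert):
            raise ValueError("not a valid self-signed certificate")
        self.issued.append(issue(self.name, self.key, cert["subject"], cert["n"]))

    def trusts(self, cert):
        """True only if this user issued a certificate for this exact name and key."""
        return any(c["subject"] == cert["subject"] and c["n"] == cert["n"]
                   and sig_ok(c, self.key["n"]) for c in self.issued)

def demo():
    # Constructed keys from Mersenne primes; all names are made up.
    alice = User("alice", make_key(2**61 - 1, 2**89 - 1))
    bob_key = make_key(2**107 - 1, 2**127 - 1)
    other_key = make_key(2**31 - 1, 2**521 - 1)
    bob = issue("bob", bob_key, "bob", bob_key["n"])
    lookalike = issue("bob", other_key, "bob", other_key["n"])  # same name, other key
    before = alice.trusts(bob)
    alice.certify(bob)
    return before, alice.trusts(bob), is_self_signed(lookalike), alice.trusts(lookalike)

if __name__ == "__main__":
    print(demo())
```

The second self-signed certificate carries the same name and a valid self-signature, yet stays untrusted because the user never issued a certificate for that key.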