Last Wednesday, Jueneman(_at_)gte(_dot_)com writes:
Some have suggested that we use the public key itself, or at least a digest of
it as a means of identifying and/or retrieving a certificate. Unfortunately,
there may be a number of cases where the same public key may be used in
different certificates, for example to provide different levels of
authorization, or simply to change hats or roles without having to manage
multiple keys.
My suggestion, therefore, is that we identify the certificate by taking a
message digest of the entire certificate itself.
Suppose you sign a message and identify yourself by using the digest
of the certificate for role A in the Originator-ID. Then suppose I
alter this while the message is in transit so that the Originator-ID
now indicates the digest of the certificate for role B. The recipient
will have no way of knowing, since both certificates have the same
public key and the message signature will verify just as well.
The point is: this process of changing hats or roles is not protected,
so long as the different roles have the same keypair. They are
equivalent from a security standpoint, so using the public key itself
as an identifier works just as well.
- Jeff
Excellent point. I stand corrected.
Bob
--------------------------------
Robert R. Jueneman
Staff Scientist
Wireless and Secure Systems Laboratory
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254
Internet: Jueneman(_at_)gte(_dot_)com
FAX: 1-617-466-2603
Voice: 1-617-466-282
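
Jeff's substitution scenario, as an added example that is not part of the original thread: two certificates for roles A and B carry the same public key, and the recipient looks the certificate up by its digest taken from the Originator-ID. The toy textbook-RSA key, the certificate encoding, the message layout and all function names are constructed assumptions for illustration.

```python
import hashlib

# Constructed toy key: textbook RSA over two Mersenne primes, no padding.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(body: bytes) -> int:
    return pow(digest_int(body), D, N)

def make_cert(role: str) -> bytes:
    # Hypothetical certificate encoding; both roles carry the same public key.
    return f"subject=signer;role={role};n={N};e={E}".encode()

def cert_id(cert: bytes) -> str:
    # Identifier proposed in the thread: a digest of the entire certificate.
    return hashlib.sha256(cert).hexdigest()

def accepted_role(msg: dict, store: dict):
    """Return the role the recipient attributes to msg, or None if rejected."""
    cert = store.get(msg["originator_id"])
    if cert is None:
        return None
    fields = dict(item.split("=", 1) for item in cert.decode().split(";"))
    n, e = int(fields["n"]), int(fields["e"])
    ok = pow(msg["sig"], e, n) == digest_int(msg["body"])
    return fields["role"] if ok else None

def demo():
    cert_a, cert_b = make_cert("A"), make_cert("B")
    store = {cert_id(cert_a): cert_a, cert_id(cert_b): cert_b}
    body = b"constructed sample message"
    sent = {"originator_id": cert_id(cert_a), "body": body, "sig": sign(body)}
    # Only the Originator-ID changes in transit; body and signature are untouched.
    swapped = dict(sent, originator_id=cert_id(cert_b))
    altered = dict(sent, body=b"constructed altered message")
    return (accepted_role(sent, store), accepted_role(swapped, store),
            accepted_role(altered, store))

if __name__ == "__main__":
    print(demo())
```

The swapped message is accepted under role B because the signature covers only the body and both certificates verify it with the same key, while an altered body is rejected under either certificate.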