pem-dev

Re: Is secure communications required?

1995-01-28 17:16:00
On Sat, 28 Jan 1995 TCJones(_at_)dockmaster(_dot_)ncsc(_dot_)mil wrote:

Bob J> But if the security of the system depends in any way on the
certificate distribution mechanism, whether X.500 or something else,
then we have failed completely.  We _certainly_ should not be depending
on a secure protocol.

Rhys> While you are right that the security of certificates should not
depend on the security of the protocol, there are other issues.

This is the part of the PEM discussion where I always get lost.  I
realize that the certificates can be passed from hand-to-hand or any
other way that works, BUT, since non-repudiation is not possible unless
we are assured that no CRL is outstanding, secure communications to
ascertain that fact is required.  Bob's conclusion would apply then, no?

Secure communications would be needed to find out whether a CRL exists or
not (otherwise a cracker could point the user's software at a pseudo-CA
which doesn't return any CRLs).  After that, the validity of the CRL
depends only on the signature on the CRL.  So, Bob's conclusion applies to
what happens after my conclusion. :-)

For what it's worth, I'm doing a few experiments with LDAP at the moment
to see just how useful X.500 is for PEM's purposes.  Stage 1 is an LDAP
client that talks to normal X.500 servers.  Stage 2 is an LDAP server
which interfaces to a RIPEM-like key database and just happens to look
like X.500.  Lightweight is best.  Stage 1 will hopefully be completed
soon (a month or so).  Source code will be made available. 

Cheers,

Rhys.
-- 
Rhys Weatherley, Queensland University of Technology, Brisbane, Australia.
E-mail: rhys(_at_)fit(_dot_)qut(_dot_)edu(_dot_)au
"net.maturity is knowing when NOT to followup"
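
The distinction drawn in the message above (a signature proves what a CRL says, not that a CRL was returned at all), as an added sketch that is not part of the original message or of any PEM implementation. The function names, the JSON layout, the validity-window fields and the HMAC standing in for the CA's signature are assumptions made for illustration; the stale-CRL case goes beyond what the message discusses.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC stands in for the CA's public-key signature so the
# sketch runs with the standard library only; a real client verifies with the
# CA's public key and holds no signing secret.
CA_KEY = b"constructed-demo-ca-key"


def _mac(body, key):
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


def sign_crl(revoked, this_update, next_update, key=CA_KEY):
    """Issue a constructed CRL: signed list of revoked serials plus validity window."""
    body = json.dumps({"revoked": sorted(revoked), "this_update": this_update,
                       "next_update": next_update}, sort_keys=True)
    return {"body": body, "sig": _mac(body, key)}


def check_revocation(serial, crl, now, key=CA_KEY):
    """Return 'good', 'revoked' or 'unknown'. Anything unprovable is 'unknown'."""
    if crl is None:
        # The directory returned nothing. Over an unauthenticated channel this is
        # indistinguishable from a pseudo-CA withholding the CRL, so fail closed.
        return "unknown"
    if not hmac.compare_digest(_mac(crl["body"], key), crl["sig"]):
        return "unknown"  # altered or forged CRL: signature does not verify
    fields = json.loads(crl["body"])
    if not fields["this_update"] <= now <= fields["next_update"]:
        return "unknown"  # genuine signature, but an old CRL replayed
    return "revoked" if serial in fields["revoked"] else "good"


def demo():
    crl = sign_crl(["1A2B"], this_update=100, next_update=200)  # constructed values
    forged = dict(crl, body=crl["body"].replace("1A2B", "0000"))
    return {
        "revoked cert, fresh CRL": check_revocation("1A2B", crl, now=150),
        "other cert, fresh CRL": check_revocation("FFFF", crl, now=150),
        "CRL withheld": check_revocation("1A2B", None, now=150),
        "CRL body altered": check_revocation("1A2B", forged, now=150),
        "stale CRL replayed": check_revocation("1A2B", crl, now=300),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Only the first two cases give a definite answer; the withheld, altered and replayed cases all come back "unknown", which the relying software has to treat as not verified.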

