dual-use digital signature vulnerabilityastiglic at okiok.com

Richard Levitte - VMS Whacker levitte at stacken.kth.se
Mon Jul 26 16:00:51 EDT 2004


In message <6.1.2.0.2.20040725133222.0387de40 at mail.comcast.net> on Sun, 25 Jul 2004 13:41:56 -0600, Anne & Lynn Wheeler <lynn at garlic.com> said:

lynn> At 07:07 PM 7/24/2004, Peter Gutmann wrote:
lynn> >A depressing number of CAs generate the private key themselves
lynn> >and mail out to the client.  This is another type of PoP, the
lynn> >CA knows the client has the private key because they've
lynn> >generated it for them.

Peter, are you talking about generic CAs or in-corporation ones?  I
can definitely see different needs between those.

lynn> one could claim that there might be two possible usage
lynn> scenarios, involving two different threat models: encryption and
lynn> authentication.
lynn> 
lynn> from a business standpoint the encryption of corporate data
lynn> (especially data at rest .... which might include some of the
lynn> corporate jewels) can represent single point of failures ... if
lynn> private key is required for the recovery of corporate jewels and
lynn> the private key isn't reliably replicated (to avoid single
lynn> points of failure); then there is a serious, corporate,
lynn> overriding availability threat.

That's all and well, but I can't see why that would be interesting to
a generic, third-party CA.  If you're talking about a CA within the
same corporation, then I can understand, since they usually (as far as
I can guess) work from a different standpoint and with different
priorities.

What you describe feels to me like encryption is ill understood and
placed in the hands of random individuals.  If you want safety and
recoverability, there's nothing like one or several backups, maybe
protected with different means (different encryption, different
storage media (including vaults), different keys, and so on).

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte   \ Tunnlandsvägen 52 \ LeViMS at stacken.kth.se
Redakteur at Stacken  \ S-168 36  BROMMA  \ T: +46-708-26 53 44
                    \      SWEDEN       \
Procurator Odiosus Ex Infernis                -- poei at bofh.se
Member of the OpenSSL development team: http://www.openssl.org/

-----------------------------------------------------------------
A: Because it fouls the order in which people normally read text. 
Q: Why is top-posting such a bad thing? 
A: Top-posting. 
Q: What is the most annoying thing on usenet and in e-mail?

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


