How much for a DoD X.509 certificate?

Anne & Lynn Wheeler lynn at garlic.com
Fri Aug 12 12:43:20 EDT 2005


John Saylor wrote:
> as i understand it, the problem here was that credentials were issued by
> an untrustworthy agent. you can have this scenario both online and off.
> how does being online solve the problem of a compromised issuing
> authority?

the justification for having offline credentials typically has been
because 1) the technology isn't available for doing an online
infrastructure for accessing the real data or 2) the value of the
operation doesn't justify the cost & expense of having a real online
infrastructure.

the statement was that most modern day infrastructures have gone to real
online operations where the real information is accessed rather than
substitute offline credential .... this transition has been

1) the online technology to access the real information is becoming more
ubiquitous,

2) the cost of doing online access to the real information has been
dropping,

3) many of the security sensitive infrastructures realize that they now
can easily justify any incremental expense of full online operation
(including the additional benefits of being able to analyze activity
across multiple sequences of security related events ... rather than
each individual security event occurring in offline isolation purely
based on the contents of the offline credential).

I've frequently explained the analogy that offline credentials are
basically a read-only cache of the real information stored in a
repository some place. they are a direct analogy (modulo possibly the
read-only characteristics) of distributed cpu cache/memory, distributed
databases, ... any kind of distributed operation where specific
activities go on referencing in isolation the local read-only copy.

so if you physically compare direct access operation to the real
information (including the ability to have a global view of operations
across individual events and be able to re-act and correct in real time)
... vis-a-vis offline, isolated, distributed operation involving the
copies  .... there are a significantly larger number of places that
directly touch the distributed read-only copies which can possibly
result in undetected corruption (compared to direct accesses to the real
information).

it isn't that there aren't touch points that can corrupt the real
information ... it is just that there possibly are several orders of
magnitude fewer touch points that can corrupt the real information.

in a PKI, certification authority operations ...

1) the "real information" is the authoritative agency responsible for
the actual information.

2) typically a certification authority then will create its own
repository operation duplicating the real information

3) it creates a certificate containing some subset of the real
information which is relatively freely released to the world.

the issue is that in the real repository #1 and possibly any
certification authority's shadow #2, the possible value of criminal
corruption of the real information is a lot higher ... but there tends
to be a significantly larger number of security countermeasures against
there being any sort of corruption.

the individual certificate copies released into the wild tend to have
much fewer countermeasures and a much larger number of infrastructure
attack points. in the case of the original ... the information is either
correct or it is not correct. in the offline credential copy ... the
offline credential copy can 1) be a copy of incorrect information (from
the original)  or 2) possibly be one of many counterfeit copies
containing fraudulent information.

so the online infrastructure is not concerned about there being
counterfeit copies of the information or fictitious counterfeits (of
information that doesn't even exist at the original) ... because copies
don't exist.

online infrastructure, however is concerned about valid authentication
and the counterfeiting of valid authentication information. i contend
that this is a much narrower exposure than the exposure of having
generalized counterfeit information floating around random locations in
the infrastructure. furthermore, the online infrastructure has much
greater capability for tracking and potentially recognizing counterfeit
authentication operation and furthermore, being able to react to it in
real time.

So somewhat after I was making statements about online infrastructure
having much fewer and narrower corruption points, having more capability
for recognizing compromises (being able to analyze patterns across
multiple security related events) and doing real-time re-acting ...
there started appearing things like OCSP.

However, i claim that if you can do a real-time, online operation ...
you are incurring the majority of the expense of doing a real-time,
online operation ... and therefore you would have much higher integrity
simply transitioning to a real-time, online operation ... and eliminate
the offline information that is floating around out in the wild.

slightly related recent posting regarding sanity check about whether you
have a fundamental online system or a fundamental offline system ... and
if you have a fundamental online system ... then it is trivial to show
that digital certificates are redundant and superfluous in a fundamental
online system, and if you can show digital certificates are redundant
and superfluous in a fundamental online system ... then you can also
show that certification authorities and PKI  are also redundant and
superfluous.
http://www.garlic.com/~lynn/2005n.html#33 X509 digital certificate for offline situation
http://www.garlic.com/~lynn/2005n.html#43 X509 digital certificate for offline situation

aka ... fundamentally digital certificates were designed to specifically
address the offline situation. frequently the use of digital
certificates in online situations is contrived and results in being
able to trivially show that they are redundant and superfluous.

---------------------------------------------------------------------
The Cryptography Mailing List
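
An added illustration of the read-only-cache analogy in the post above (not part of the original message): a relying party that validates a signed copy in isolation keeps accepting it after the authoritative record changes, while a direct lookup sees the change and leaves an audit trail. All names and the sample record are constructed, and an HMAC stands in for the CA's public-key signature so the sketch runs on the standard library alone.

```python
import hashlib
import hmac
import json

CA_KEY = b"constructed-ca-key"  # assumption: HMAC stand-in for a CA signature

# The "real information" held by the authoritative agency (constructed record).
REPOSITORY = {
    "acct-1001": {"holder": "J. Example", "key_fp": "aa11", "status": "active"},
}
AUDIT_LOG = []  # online checks are visible across events; offline ones are not


def _sign(body):
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(CA_KEY, payload, hashlib.sha256).hexdigest()


def issue_certificate(account_id):
    """Release a signed snapshot of a subset of the authoritative record."""
    rec = REPOSITORY[account_id]
    body = {"account": account_id, "holder": rec["holder"], "key_fp": rec["key_fp"]}
    return {"body": body, "sig": _sign(body)}


def offline_check(cert, presented_fp):
    """Isolated relying party: trusts whatever the signed copy says."""
    sig_ok = hmac.compare_digest(_sign(cert["body"]), cert["sig"])
    return sig_ok and cert["body"]["key_fp"] == presented_fp


def online_check(account_id, presented_fp):
    """Relying party that consults the authoritative record directly."""
    rec = REPOSITORY.get(account_id)
    ok = bool(rec) and rec["status"] == "active" and rec["key_fp"] == presented_fp
    AUDIT_LOG.append((account_id, presented_fp, ok))
    return ok


def demo():
    cert = issue_certificate("acct-1001")
    before = (offline_check(cert, "aa11"), online_check("acct-1001", "aa11"))
    REPOSITORY["acct-1001"]["status"] = "revoked"  # the real information changes
    after = (offline_check(cert, "aa11"), online_check("acct-1001", "aa11"))
    return before, after


if __name__ == "__main__":
    print(demo())
```
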