Citibank discloses private information to improve security

Anne & Lynn Wheeler lynn at garlic.com
Tue May 31 18:43:09 EDT 2005


Ed Gerck wrote:
> Also, in an effort to make their certs more valuable, CAs have made 
> digitally
> signed messages imply too much -- much more than they warrant or can 
> even represent.
> There are now all sorts of legal implications tied to PKI signatures, in 
> my opinion
> largely exaggerated and casuistic.

as discussed in numerous non-repudiation posts, dual-use threat posts, 
and posts about human signatures ... where the human signature implies 
that the person has read, understood, authorizes, approves, and/or 
agrees with what is read and understood ...

the validation of a digital signature with a public key implies that the 
message hasn't been altered since transmission and there is "something 
you have" authentication (the originator has access and use of the 
corresponding private key). the simple validation of a digital signature 
doesn't carry with it any of the sense of a human signature and/or 
non-repudiation.

in most business scenarios ... the relying party has previous knowledge 
and contact with the entity that they are dealing with (making the 
introduction of PKI digital certificates redundant and superfluous). 
Furthermore, x.509 identity certificates, possibly horribly overloaded 
with personal information, would represent significant privacy issues.

i've claimed that in the aads effort
http://www.garlic.com/~lynn/index.html#aads

not having to be pre-occupied with trying to interest relying parties in 
digital certificates containing information they already had .... we 
were more free to concentrate on general threat, risk and vulnerability 
analysis. for instance, one of the things that a relying party might be 
really interested in is the integrity of the environment housing a 
subject's private key (is it in a software file or a hardware token, if 
a hardware token, what are the characteristics of the hardware token, 
etc) and the integrity of the environment in which a digital signature 
was generated.

one possible scenario is that CAs wanted to convince relying parties in 
the value of the certificates and not distract them with fundamental 
business integrity issues ... which might have resulted in businesses 
diverting money to fundamental business integrity items ... rather than 
spending on redundant and superfluous digital certificates likely 
containing information that they already had (i.e. having digital 
certificates would result in magical fu-fu dust being sprinkled over the 
rest of the infrastructure automagically precluding any such integrity 
problems?). furthermore they could spread semantic confusion ... somehow 
implying that because the term "digital signature" contained the word 
"signature" ... it was somehow related to a human signature.

lots of collected past postings related to fraud, exploits, 
vulnerabilities, etc.
http://www.garlic.com/~lynn/subpubkey.html#fraud

some number of posts on account number harvesting
http://www.garlic.com/~lynn/subpubkey.html#harvest

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
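The point made above about what validating a digital signature does and does not establish, as an added example that is not part of Lynn Wheeler's post. It is stand-alone Go using only the standard library's Ed25519: one key pair is used from a "hardware token", then its raw bytes are copied into a "software file" and used again, and the verifier is shown the same three inputs (public key, message, signature) in every case. The scenario, the `Custody` label, the sample message and all function names are assumptions of this example. The code shows that a valid check proves only that the message is unaltered and that the signer had use of the private key; it carries no information about where that key lived or whether a person intended the message.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignatureCheck is the complete set of facts a relying party gets from
// validating a digital signature against a public key.
type SignatureCheck struct {
	Unaltered       bool // message bytes match what was signed
	HolderOfPrivKey bool // whoever signed had use of the matching private key
}

// Validate runs a bare signature verification. Both fields come from the
// same boolean because that is all ed25519.Verify can tell us: a valid
// signature means "this message, this key"; an invalid one means either the
// message changed or a different key was used, and we cannot tell which.
func Validate(pub ed25519.PublicKey, msg, sig []byte) SignatureCheck {
	ok := ed25519.Verify(pub, msg, sig)
	return SignatureCheck{Unaltered: ok, HolderOfPrivKey: ok}
}

// Custody labels where a private key lives. It is an assumption of this
// example; nothing in a signature carries it.
type Custody string

const (
	HardwareToken Custody = "hardware token"
	SoftwareFile  Custody = "software file"
)

// Signer holds a private key in some environment. The Where field exists
// only so the example can show that it never reaches the verifier.
type Signer struct {
	Where Custody
	priv  ed25519.PrivateKey
}

func (s Signer) Sign(msg []byte) []byte { return ed25519.Sign(s.priv, msg) }

// Outcome records the verifier's view of each constructed case.
type Outcome struct {
	Original  SignatureCheck // genuine message and signature from the token
	Tampered  SignatureCheck // message altered after signing
	CopiedKey SignatureCheck // signed with a copy of the private key in a file
	SameBytes bool           // copied-key signature byte-identical to original
	WrongKey  SignatureCheck // signed with an unrelated key
}

// RunScenario is constructed for this example: one key pair, first used from
// a "token", then its bytes copied into a "file" (a compromised host, a
// backup, a second process), plus a stranger with their own key.
func RunScenario() (Outcome, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	token := Signer{Where: HardwareToken, priv: priv}
	// Copying the raw key bytes is exactly what "key in a software file" is.
	file := Signer{Where: SoftwareFile, priv: append(ed25519.PrivateKey(nil), priv...)}
	_, other, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Outcome{}, err
	}
	stranger := Signer{Where: SoftwareFile, priv: other}

	msg := []byte("transfer 100 to account 42") // constructed sample message
	tampered := []byte("transfer 900 to account 42")
	sig := token.Sign(msg)
	sigCopy := file.Sign(msg)

	return Outcome{
		Original:  Validate(pub, msg, sig),
		Tampered:  Validate(pub, tampered, sig),
		CopiedKey: Validate(pub, msg, sigCopy),
		SameBytes: bytes.Equal(sig, sigCopy), // Ed25519 signing is deterministic
		WrongKey:  Validate(pub, msg, stranger.Sign(msg)),
	}, nil
}

func main() {
	out, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

Because Ed25519 signing is deterministic, the signature produced from the copied key file is byte-for-byte the same as the one from the token, so there is nothing a relying party could inspect to learn which environment signed; the integrity of the key's housing has to be established by some other means, which is the relying party's real risk question.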