Property RIghts in Keys
Weger, B.M.M. de
b.m.m.d.weger at TUE.nl
Thu Feb 12 16:01:15 EST 2009
Hi all,
> Say I have discovered a marvelous method of easily factoring
> RSA keys, which unfortunately the margin of this emacs buffer
> is too small to contain, and I then go out, factor GeoTrust's
> CA key and issue a new certificate.
>
> Questions:
>
> Am I now infringing on GeoTrust's IP rights? Or have, rather,
> I made myself a co-owner in said rights on this particular key?
>
> Have I broken any law? If not, should what I have done be illegal?
Here's a variant that I find interesting ;-). It's not about the
public key but about the signature, another cryptograhic field
in a certificate that shares many properties with keys.
Say somebody has discovered a marvelous method of finding collisions
for a hash function. Then he creates two certificates, of which the
to-be-signed parts form a hash collision. Then he lets a CA sign
one of them, and copies the signature into the other one, making
that a certificate that is indistinguishable from a valid one
issued by the CA. Has he broken any copyright law?
I admit this is a purely hypothetical case. Or... maybe it isn't?
Grtz,
Benne de Weger
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list