A mighty fortress is our PKI, Part II

Paul Tiemann paul.tiemann.usenet at gmail.com
Tue Jul 27 19:14:06 EDT 2010


On Jul 27, 2010, at 3:34 PM, Ben Laurie wrote:

> On 24/07/2010 18:55, Peter Gutmann wrote:
>> - PKI dogma doesn't even consider availability issues but expects the
>>  straightforward execution of the condition "problem -> revoke cert".  For a
>>  situation like this, particularly if the cert was used to sign 64-bit
>>  drivers, I wouldn't have revoked because the global damage caused by that is
>>  potentially much larger than the relatively small-scale damage caused by the
>>  malware.  So alongside "too big to fail" we now have "too widely-used to
>>  revoke".  Is anyone running x64 Windows with revocation checking enabled and
>>  drivers signed by the Realtek or JMicron certs?
> 
> One way to mitigate this would be to revoke a cert on a date, and only
> reject signatures on files you received after that date.

I like that idea, as long as a verifiable timestamp is included.

Without a trusted timestamp, would the bad guy be able to backdate the signature?

Paul Tiemann
(DigiCert)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list