Lucky (and Bill, in another message),

My question was about the legal meaning, or, better, prevalent legal
interpretation, of "signature-only key". I know how authenticated key
exchange mechanisms work, and, on the other hand, Ron Rivest has shown that
at least in principle there are other ways of achieving confidentiality by
relying only on authentication primitives.

This is not a purely academic issue. For example, in Hong Kong the import of
cryptographic devices is exempted from import licensing (not a big hurdle,
but an annoying bureaucratic procedure nevertheless) if they are "only used
for authentication or digital signature":

http://www.info.gov.hk/tid/faq/strategic1.htm#q23

This effectively exempts things like signature-only smartcards and similar
tokens.

Cheers --

Enzo

----- Original Message -----
From: "Lucky Green" <[EMAIL PROTECTED]>
To: "Cryptography@C2. Net" <[EMAIL PROTECTED]>
Sent: Wednesday, August 16, 2000 4:00 PM
Subject: RE: Using signature-only certs to authenticate key exchanges


> Enzo,
> Many applications that employ certs ignore key usage restrictions. This
> isn't your fault or the fault of the CA. It simply reflects a 'broken'
> implementation. IANAL, but I fail to see how you or your customers could be
> held responsible for applications that use certs in ways other than the cert
> was intended to be used by the issuer.
[...]



