Richard Levitte - VMS Whacker wrote:
>
> From: Kent Crispin <[EMAIL PROTECTED]>
>
> kent> Just thinking out loud...
> kent>
> kent> Note that the PGP "web of trust" model works without a centralized CA,
> kent> and that free key servers exist. Perhaps there is some hybrid possible,
> kent> where people can register for free/low cost, and can also register as
> kent> independent CAs. By gaining endorsements from other registrants,
> kent> gradually build up a hierarchy of signers that are considered extremely
> kent> trustworthy -- these highly endorsed signers would effectively be mini
> kent> CAs, with high reputation in the community...*why* they are considered
> kent> trustworthy wouldn't need to be addressed, and they could market their
> kent> trustworthiness however they thought best...
>
> And there we have the difference in philosophy between the two systems
> in a nutshell.
>
> What you say is a nice thought, and I'd very much like to see
> something like that, but I see one problem with it, at least with the
> current definition of RFC2459 certificates (as I understand RFC2459.
> If I'm way wrong, please tell me): there can only be one signature for
> each certificate.
>
Well I suppose in the case of a certificate yes this isn't easily
achievable in a direct way.
It would be possible to have an end user have a self signed certificate
and then include the various people who "trust" it carried around as a
separate entity which might be included in things like S/MIME
attributes. Making this part of the certificate itself is trickier but
it could be done with a few tricks.
>
> In any case, there are already institutions that we (or at least,
> that's how it works in Sweden) give a certain amount of trust to hold
> the ultimate proof of our identity (in Sweden, it's the IRS, of all
> things). It would be quite natural for those to start handing out
> certificates. I think this has already started, or at least that the
> fuondation for such a thing are being layed out, but I'm sure there
> will be one or another trivia master who will correct me on this :-).
>
There's always a danger with the "trusted CA" model. Anyone who can
coerce a trusted CA into issuing a bogus certificate can perform a man
in the middle attack and undermine the security.
The coercer might vary from a criminal to a government agency which some
would argue is the same thing :-)
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
