On Tue, Mar 31, 2009 at 1:56 PM, Dirk Reske <d...@devhost.de> wrote: > > > Second, > it's just plain bad PKI to put attributes in Identity Certificates. > > > > What do you mean with this?
Placing additional attributes in the Identity Certificates makes those attributes available to everyone who can read them, and since the entire certificate must be sent in order for the certificate to be verified that means that it is an "information leakage" vulnerability -- someone who doesn't need to know a piece of information (e.g. the birthdate) suddenly does, and that can allow for a 'pretexting' attack. (This is a form of fraud where someone poses as a victim, usually across the phone, to obtain information that only the victim should be allowed to obtain. This was recently used in US politics to discredit someone from a position in the government hierarchy.) In the US, companies technically do not need to know the date-of-birth in order to comply with COPPA -- all they need to know is whether someone is over 13 and under 18. A trusted third party could know the birthdate, and sign a certificate (included as an attribute) that someone is (at the time of signing) subject to COPPA restrictions or not. -Kyle H ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
