Kyle Hamilton schrieb: > On Tue, Mar 31, 2009 at 1:56 PM, Dirk Reske <d...@devhost.de> wrote: > >> Second, >> it's just plain bad PKI to put attributes in Identity Certificates. >> >> >> >> What do you mean with this? >> > > Placing additional attributes in the Identity Certificates makes those > attributes available to everyone who can read them, and since the > entire certificate must be sent in order for the certificate to be > verified that means that it is an "information leakage" vulnerability > -- someone who doesn't need to know a piece of information (e.g. the > birthdate) suddenly does, and that can allow for a 'pretexting' > attack. (This is a form of fraud where someone poses as a victim, > usually across the phone, to obtain information that only the victim > should be allowed to obtain. This was recently used in US politics to > discredit someone from a position in the government hierarchy.) > > In the US, companies technically do not need to know the date-of-birth > in order to comply with COPPA -- all they need to know is whether > someone is over 13 and under 18. A trusted third party could know the > birthdate, and sign a certificate (included as an attribute) that > someone is (at the time of signing) subject to COPPA restrictions or > not. > > -Kyle H Yes, we know about the security issues with the extended private data. But this is no commercial project, but a case study at our university.
Dirk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
