Management of signature keys for government
Roger Fleming
roger at police.tas.gov.au
Wed, 4 Mar 1998 14:59:58 +1100
Brian Gladman wrote:
[...]
>One issue in the self generation of keys is how to prevent a user
>repudiating their own key by revealing its private component.
[...]
>There are a number of ways in which a user could be prevented (or
>at least
>deterred) from revealing their own key but it is not clear (to me
>at least)
>whether any of these are practical in the real world.
In view of the recent discussion about what type of signatures are
acceptable in the real world, I wonder if this isn't too stringent a
requirement for the system. After all, today you cannot repudiate a
paper-signed contract by claiming that you signed a quantity of
blank pages and left them lying about. It is _your_ responsibility
to protect your signature. Essentially, if the user has some means
of revoking the key pair even after losing it, and their genuinely is
no practical way for a third party to steal his private keys, I don't
see the problem with just regarding all pre-revocation signatures
as binding.