Open versus closed PKI systems
Nicholas Bohm
nbohm at ernest.net
Mon, 21 May 2001 12:55:56 +0100
At 11:09 21/05/2001 +0100, Ben Laurie wrote:
>Brian Gladman wrote:
>>
>> From: "Parker Tom TA" <Tom.A.Parker@icl.com>
>> To: <ukcrypto@chiark.greenend.org.uk>
>> Sent: Friday, May 18, 2001 10:03 AM
>> Subject: RE: Open versus closed PKI systems
>>
>> > Brian,
>> >
>> > > Whatever its detractors believe, Microsoft is a very
>> > > important company in
>> > > cyberspace and this means that the ability of an impersonator
>> > > to act in their name, for example, in issuing software, is a very
>> > > serious concern.
>> > > Certificates issued in the name of Microsoft, Oracle, Cisco,
>> > > Sun,... are not 'run of the mill' certificates but rather certificates
>> > > which, if bogus,
>> > > could bring down large parts of the Internet and hence have truly
>> > > horrendous consequences for all those who now rely on it in various
>> > > ways.
>> >
>> > Yes I totally agree, but I think it is mostly the fault of Microsoft for
>> > outsourcing not only the certification service but the registration service.
>> > Any company with any sense would realise that nobody knows as well as the
>> > company itself who works for it. Ask most businesses in the UK (and my old
>> > company ICL is one I can cite specifically) whether they would outsource
>> > registration and they would answer "no way!".
>>
>> Hi Tom,
>>
>> Thank you for introducing the RA/CA distinction onto the discussion since I
>> think this is important. I think this suggests that we are not as far
>> apart on this as it might appear. My concern is that domain knowledge (i.e.
>> RA knowledge) is the key to good certificates but that, sadly, there is far
>> too much emphasis on the CA role.
>>
>> I do not mind the CA function being contracted out but my fear is that the
>> vital RA function is becoming lost in the process because many think that
>> the CA role covers both functions. And in all the cases that I have
>> considered, contracting out the RA role removes any real trust that can be
>> placed in the resulting certificates.
>>
>> If I am trading with ICL, I am likely to have obtained an ICL digital
>> signature in some way (probably as a part of a contractual agreement setting
>> the terms and conditions of our electronic relationship). If ICL then uses
>> this signature to indicate to me that Tom Parker works for ICL this is very
>> different, and much more acceptable, than a certificate that says that
>> 'Verisign thinks that Tom Parker works for ICL'.
>>
>> Once the RA function and the CA function are properly distinguished I do
>> believe that it is much easier to see how to achieve certificates that offer
>> true 'value added' for relying parties. It is surely the encapsulation of
>> domain knowledge, and the representation of trust in the 'domain owner',
>> that provide the keys to obtaining truly useful certificates.
>
>All the consultancy I've done on CA services clearly recognises the
>split between RA and CA. The main problem I've noticed is that people
>get rather upset when they're told that the security of the RA is vital
>to the security of the certs. Having to do things like separate the RA
>machine(s) from the rest of their network and having locks on the doors
>strike them as downright inconvenient.
What also needs better recognition than it's getting is the need for a
sensible legal infrastructure.
Within a closed system, users of signing keys (which I think it's
misleading to call certificates) can be parties to a contract with relying
parties from which they can clearly see what responsibilities they are
expected to accept for the security of their keys. (Perhaps this will lead
them too to the inconvenient conclusion that they're exposed to significant
risks if they don't isolate their signing machine.)
In an open system the legal infrastructure leaves matters less than clear,
since it consists largely of CA disclaimers and relying parties' sporadic
attempts to impose varieties of non-repudiation on signers.
This will not lead to a growth in users' confidence, especially where it
leaves them substantially worse off than they would be just using their
credit cards under the existing regime with no digital signatures.
Regards
Nicholas
Salkyns, Great Canfield,
Takeley, Bishop’s Stortford CM22 6SX, UK
Phone 01279 871272 (+44 1279 871272)
Fax 01279 870215 (+44 1279 870215)
Mobile 07715 419728 (+44 7715 419728)
PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint:
9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF
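The RA/CA split that Brian and Ben discuss above, modelled as an added example (this is not code from anyone in the thread). It assumes a toy RSA-style signature built from constructed seeds, a hypothetical organisation "ICL" with a staff list held only by its RA, a hypothetical "ICL CA" key that the relying party obtained under contract rather than from a browser bundle, and a made-up non-employee "Mallory". The RA refuses a registration it knows to be wrong; the CA, which has no domain knowledge, accepts anything carrying a valid RA signature, which is why the RA's key and machine need the protection Ben describes.

```python
"""Toy model of the RA/CA split (added example). Signatures are textbook RSA
over a truncated SHA-256 digest with constructed, seeded keys: enough to show
the trust relationships, not a real signature scheme."""
import hashlib
import json
import math
import random


# ---- toy RSA signatures (constructed for illustration only) ---------------
def _is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin with the caller's RNG so the whole example is reproducible."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(c, rng):
            return c


def make_keypair(seed):
    """Deterministic 256-bit toy key pair from a seed (constructed); a real
    deployment uses a CSPRNG and a vetted library."""
    rng, e = random.Random(seed), 65537
    while True:
        p, q = _gen_prime(128, rng), _gen_prime(128, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    n = p * q
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}


def _canon(obj):
    return json.dumps(obj, sort_keys=True).encode()


def _digest(data):
    # Truncate SHA-256 to 224 bits so the value is below every 256-bit modulus.
    return int.from_bytes(hashlib.sha256(data).digest()[:28], "big")


def sign(sk, obj):
    return pow(_digest(_canon(obj)), sk["d"], sk["n"])


def verify(pk, obj, sig):
    return pow(sig, pk["e"], pk["n"]) == _digest(_canon(obj))


# ---- the RA/CA split ------------------------------------------------------
class RegistrationAuthority:
    """Holds the domain knowledge (who works here) plus its own signing key."""
    def __init__(self, org, employees, seed):
        self.org, self.employees = org, set(employees)
        self.pk, self._sk = make_keypair(seed)

    def register(self, subject, subject_pk):
        if subject not in self.employees:
            return None  # the RA refuses: it knows this person is not staff
        record = {"org": self.org, "subject": subject,
                  "n": subject_pk["n"], "e": subject_pk["e"]}
        return record, sign(self._sk, record)


class CertificationAuthority:
    """Issues certificates only for RA-signed registrations; it knows nothing
    about the organisation's staff itself."""
    def __init__(self, name, ra_pk, seed):
        self.name, self.ra_pk = name, ra_pk
        self.pk, self._sk = make_keypair(seed)

    def issue(self, record, ra_sig):
        if not verify(self.ra_pk, record, ra_sig):
            return None
        cert = dict(record, issuer=self.name)
        return cert, sign(self._sk, cert)


def relying_party_accepts(cert, cert_sig, trusted_issuers):
    """Closed-system check: only CA keys obtained under the contract count."""
    issuer_pk = trusted_issuers.get(cert["issuer"])
    return issuer_pk is not None and verify(issuer_pk, cert, cert_sig)


def demo():
    ra = RegistrationAuthority("ICL", ["Tom Parker"], seed="ra")
    ca = CertificationAuthority("ICL CA", ra.pk, seed="ca")
    trusted = {"ICL CA": ca.pk}  # obtained under contract, not a public bundle
    tom_pk, _ = make_keypair("tom")
    cert, sig = ca.issue(*ra.register("Tom Parker", tom_pk))
    ok_tom = relying_party_accepts(cert, sig, trusted)
    # A non-employee is stopped at the RA, before the CA ever sees a request.
    mallory_pk, _ = make_keypair("mallory")
    stopped_at_ra = ra.register("Mallory", mallory_pk) is None
    # If the RA's signing key leaks, the CA cannot tell a bogus registration
    # from a genuine one: the resulting certificate verifies perfectly.
    leaked = {"org": "ICL", "subject": "Mallory",
              "n": mallory_pk["n"], "e": mallory_pk["e"]}
    bogus_cert, bogus_sig = ca.issue(leaked, sign(ra._sk, leaked))
    bogus_accepted = relying_party_accepts(bogus_cert, bogus_sig, trusted)
    return ok_tom, stopped_at_ra, bogus_accepted


if __name__ == "__main__":
    print(demo())  # (True, True, True)
```

The third value is the point of the model: nothing in the CA or the relying party can detect that the registration step was subverted, so the RA machine and its key deserve the same isolation people are reluctant to give them.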