[1826] in cryptography@c2.net mail archive
Re: States of Identity
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Nov 12 10:30:01 1997
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: smith@securecomputing.com
Cc: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
X-Charge-To: pgut001
Date: Wed, 12 Nov 1997 10:27:42 (NZDT)
>From: Daniel Greenwood <dan@CIVICS.COM>
>>One interesting thing I noticed while scanning PKI section of the reg.s
>>is that certificate may be used "to certify that [the signer] controls
>>the key pair used to create the signature."
>>[...]
>
>If I read this correctly, the implication is that once you've "signed" a
>certificate and declared that you "control" your private key, future events
>can not change this situation. In other words, the problem of revoking a
>public key certificate has been eliminated by legislation -- you simply
>*can't* revoke a certificate. God help you if someone steals your private
>key.
>
>Is this *really* what these guys mean?
I would have thought that the intent was to show that you, and not you and
Honest Louis' Investigative Agency and GAK Centre, control the key - it's a
way of stating to the other party that "This key is not GAKked".
Peter.
