[3619] in cryptography@c2.net mail archive
Re: DCSB: Risk Management is Where the Money Is; Trust in Digital Comm
daemon@ATHENA.MIT.EDU (Anonymous)
Wed Nov 11 15:38:34 1998
Date: Wed, 11 Nov 1998 19:42:20 +0100
From: Anonymous <nobody@replay.com>
To: cryptography@c2.net

> The full cost of revocation testing is proportional to the square of
> the depth of the issuance hierarchy. In other words, this exceeds the
> intellectual capacity of most certificate recipients. This means that
> most recipients cannot themselves rely on the security technology to
> establish trust beyond the shadow of doubt.

The first statement is false. Revocation testing is not proportional to
the square of the depth of the issuance hierarchy. If you had, say, a 5
level deep issuance chain, you do not need to check 25 revocation lists.
You only need to check 5.

The second statement is nonsensical. Intellectual capacity is not
at issue. No one has the intellectual capacity to verify even a single
public key signature in their head. The issue is whether the software
can automate the whole authentication process. Obviously checking for
certificate revocations can be automated, as can the recursive process of
walking the certificate chain and verifying each step. This is what
PKI providers like Entrust sell.

The third statement is a non sequitur. No one speaks of establishing
trust beyond the shadow of a doubt, in either electronic or physical
commerce.

> There is one potential fly in this ointment, and I do not intend to
> dwell on it, but I cannot get this far and not mention the threat to
> strong security apparati of having them undermined by key escrow.

This is a red herring. The main issues in electronic commerce are
authentication and authorization, not secrecy and encryption. The latter
points can be important, but they are not crucial for commerce to proceed
in the way that binding contractual commitments are. Key escrow does not
apply to signature keys. No proposal for key escrow asks for signature
keys to be escrowed. Only encryption keys are escrowed.

Key escrow threatens secrecy but not authorization. It is not an issue
for electronic commerce.
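
The automated chain walk described in the reply above, as an added example that is not part of the original message: it validates each link against its issuer and counts revocation-list lookups, one per link. Assumptions: the Cert model, the CA0..CAn names and the helper functions are hypothetical, an HMAC stands in for a public-key signature, and CRL signature and freshness checks are left out.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class Cert:
    subject: str
    issuer: str
    serial: int
    key: bytes        # toy: one secret stands in for the subject's key pair
    sig: bytes = b""

def _tbs(c):
    return f"{c.subject}|{c.issuer}|{c.serial}|".encode() + c.key

def _sign(issuer_key, c):
    # Toy stand-in for a public-key signature (assumption, not real PKI).
    return hmac.new(issuer_key, _tbs(c), hashlib.sha256).digest()

def build_chain(depth):
    """Constructed sample: trust anchor CA0, then `depth` issued certificates."""
    chain = [Cert("CA0", "CA0", 0, b"anchor-key")]
    for i in range(1, depth + 1):
        c = Cert(f"CA{i}", chain[-1].subject, i, f"key-{i}".encode())
        c.sig = _sign(chain[-1].key, c)
        chain.append(c)
    return chain

def clean_crls(chain):
    """One empty revocation list per issuer in the chain."""
    return {c.subject: set() for c in chain[:-1]}

def validate(chain, crls):
    """Walk leaf -> anchor; return (valid, number_of_crl_lookups)."""
    lookups = 0
    for i in range(len(chain) - 1, 0, -1):
        cert, issuer = chain[i], chain[i - 1]
        if cert.issuer != issuer.subject:
            return False, lookups
        if not hmac.compare_digest(cert.sig, _sign(issuer.key, cert)):
            return False, lookups
        lookups += 1                     # one CRL per link: the issuer's
        crl = crls.get(issuer.subject)
        if crl is None or cert.serial in crl:   # fail closed if CRL is missing
            return False, lookups
    return True, lookups

if __name__ == "__main__":
    for depth in (1, 5, 10):
        chain = build_chain(depth)
        print(depth, validate(chain, clean_crls(chain)))
```
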