[3641] in cryptography@c2.net mail archive
Re: DCSB: Risk Management is Where the Money Is; Trust in Digital Comm
daemon@ATHENA.MIT.EDU (Ian Brown)
Fri Nov 13 12:19:27 1998
Date: Fri, 13 Nov 1998 14:56:21 +0000
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
To: Enzo Michelangeli <em@who.net>
CC: cryptography <cryptography@c2.net>

> Uhm, I see. But in that case, what happens if someone gets a (non-escrowed)
> DSA cert, and uses it for a secure web server only supporting the
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA ciphersuite (ephemeral Diffie-Hellman
> authenticated with DSS)? Strong, MIM-attack-resistant, and required by TLS
> for minimum compliance (and, HOPEFULLY, some day supported by popular
> browsers...)

Although it isn't clear if this will happen (or even if the govt. has
realised the possibility), the CA could set keyUsage flags in the
certificate to stop a DSA cert from authenticating a strong encryption key
at all, or limit authenticated encryption key length to 40 bits, or not
allow any further certification by that key. The wonders of X.509...

Ian.
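
Added example, not part of the original message: a standard-library Python decoder for the DER-encoded keyUsage BIT STRING, checking the two restrictions mentioned above that correspond to standard keyUsage bits (digitalSignature, which a DHE_DSS server needs to sign its ephemeral parameters, and keyCertSign for further certification). The function names and sample encodings are constructed for illustration.

```python
# Added example: named bits of the X.509 KeyUsage BIT STRING, in bit order.
KEY_USAGE_BITS = (
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign",
    "encipherOnly", "decipherOnly",
)

def decode_key_usage(der: bytes) -> frozenset:
    """Decode a DER BIT STRING (tag 0x03, short-form length) into bit names."""
    if len(der) < 4 or der[0] != 0x03:
        raise ValueError("not a non-empty DER BIT STRING")
    if der[1] & 0x80 or der[1] != len(der) - 2:
        raise ValueError("unsupported or inconsistent length")
    unused, payload = der[2], der[3:]
    if unused > 7 or payload[-1] & ((1 << unused) - 1):
        raise ValueError("bad unused-bit count or non-zero padding bits")
    names = set()
    for i in range(len(payload) * 8 - unused):
        # Bit 0 is the most significant bit of the first payload byte.
        if payload[i // 8] & (0x80 >> (i % 8)):
            if i >= len(KEY_USAGE_BITS):
                raise ValueError(f"unknown keyUsage bit {i}")
            names.add(KEY_USAGE_BITS[i])
    return frozenset(names)

def check_cert(key_usage_der):
    """Pass None when the certificate has no keyUsage extension; an absent
    extension places no restriction on the key."""
    usage = None if key_usage_der is None else decode_key_usage(key_usage_der)
    return {
        # A DHE_DSS server signs its ephemeral DH parameters with the DSA key.
        "dhe_dss_server_auth": usage is None or "digitalSignature" in usage,
        # keyUsage side only; issuing certificates also needs basicConstraints cA.
        "further_certification": usage is None or "keyCertSign" in usage,
    }

if __name__ == "__main__":
    samples = {  # constructed encodings, not taken from any real certificate
        "signing only": bytes.fromhex("03020780"),
        "CA key": bytes.fromhex("03020186"),
        "key agreement, decipherOnly": bytes.fromhex("0303070880"),
        "no extension": None,
    }
    for label, der in samples.items():
        print(label, check_cert(der))
```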