Re: what are realistic threats?

• To: www-security@ns1.rutgers.edu, Karl Auerbach <karl@cavebear.com>
• Subject: Re: what are realistic threats?
• From: hallam@dxal18.cern.ch
• Date: Mon, 03 Oct 94 10:46:40 +0100
• Cc: hallam@dxal18.cern.ch
• In-Reply-To: Your message of "Sun, 02 Oct 94 12:32:38 PDT." <9410021932.AA03689@cavebear.com>
• Reply-To: hallam@dxal18.cern.ch

>Different people have different definitions of "security" and you
>might not be happy with the author's definition as embedded in his/her
>program/script even if you can prove you have an authentic copy.
>
>		--karl--

Exactly, unless the document itself is validated I don't see that there
is much value in an embedded certificate. Particularly as the certificate
may go out of date.

What we really need is the URN scheme, as well as the transformation from
URN->URL to obtain the document a similar process is required to obtain
the certificate.

For Certificate URNs the problem is rather easier than for documents, there
are fewer certificates for a start since once certificate can sign many
documents. 


One other thing about a multiple root authentication hierarchy. People may
not trust US govt in general, however there is one circumstance in which
trust is warranted, when there is a danger they can be found out. Cross
checking of certs is simple enough. If an authentication service signs a bogus
certificate the risk of detection is relatively high. Once found to have
signed bogus certificates it is unlikely that an authentication service will
be trusted again.


	Phill

• Re: what are realistic threats?
• From: Karl Auerbach <karl@cavebear.com>

• Previous: Re: what are realistic threats?
• Next: Re: OBCSCR
• Index(es):
  • Index
  • Thread