basic principle of key ownership

Hi.

I think we need agreement on the principle of key ownership between working
group members.

Key ownership is divided into two sides.
- provisioner side: mostly the cloud, server or web application side.
- user side: the user as a human.

When we review the issues with different views of key ownership,
the results are totally different.

I give the following examples.

[sign]
- in the view of the provisioner side, the signature will be generated silently.
- in the view of the user side, the signature will be generated with user consent.

[erasure]
- in the view of the provisioner side, the key can be erased silently like
garbage collection.
- in the view of the user side, the key should not be erased without user
consent.

[key generation]
- in the view of the provisioner side, the key will be generated silently.
- in the view of the user side, the key will be generated with user consent.

[pre-provisioned key]
- in the view of the provisioner side, the use case is acceptable.
- in the view of the user side, the use case is unacceptable, because the user
did not allow it.

[same-origin policy]
- in the view of the provisioner side, it is a strong security policy because the
key is bound to some of the provisioners.
- in the view of the user side, the user is able to use "my key" on any site by
my own decision.

---------------

As we see in the above examples,
the results are very different depending on the understanding of key ownership.

Non-US banking use cases (Korea, EU...)
are based on "the USER has key ownership".

The key means the certificate and its bound private key.

When the WG members agree on this principle, many conflicts can be easily
solved.

Regards,
Mountie.

-- 
Mountie Lee

PayGate
CTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net

=======================================
PayGate Inc.
THE STANDARD FOR ONLINE PAYMENT
for Korea, Japan, China, and the World

Received on Sunday, 28 April 2013 09:41:33 UTC