RE: ACTION-457: Give overview of why logotypes are interesting in security considerations section from Hallam-Baker, Phillip on 2008-06-20 (public-wsc-wg@w3.org from June 2008)

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Thu, 19 Jun 2008 19:34:45 -0700
To: <public-wsc-wg@w3.org>
Message-ID: <2788466ED3E31C418E9ACC5C316615572FF943@mou1wnexmb09.vcorp.ad.vrsn.com>

Sorry for the delay, have had real wordsmithing probs.

Certificate Logotype Data

Where the security of a Web interaction depends on the reliable interpretation of the subject identity, the usability of the identifier chosen to represent that identity is of great importance. A DNS name is an identifier created for the purpose of specifying network hosts and is optimized for that purpose, in particular ease of entry is given priority over ease of interpretation. Likewise, the X.500 Distinguished Names employed in X.509 digital certificates are a technical construct designed to support the needs of the network directory.

The form of identifier that corporations in particular have adopted for representing their identity is the logo. A logo is an image that is designed to communicate the identity of the party that uses it. Many corporations and other enterprises invest enormous amounts of time, effort and money to develop and promote logos that are instantly recognizable.

The PKIX Logotype extension allows the use of image or audio data to represent the certificate subject, the certificate issuer and assertions that the subject is a member of certain specified communities. The image or audio data is securely incorporated into the certificate by a URL reference and a cryptographically secure message digest of the data.

Presentation of Logotype information from a PKIX certificate may allow more effective representation of the subject and/or issuer identity and membership of community groups, provided that:

* The logo information is presented in a manner that the user is likely to take notice of in the necessary circumstances
* The logo information is presented through a secure channel that cannot be spoofed or emulated by an attacker.

In addition any technique that makes a subject identity assertion more usable to the user is likely to increase the users confidence in that identity and thus their reliance. Subject logotype data MUST NOT be presented to the user without caveat unless it is contained in an Augmented Assurance certificate.

Received on Friday, 20 June 2008 02:35:44 UTC