RE: XAdES - More secure than XML Dsig?

John,

Just like none of us should use the same username/password for different 
systems, none of us should request multiple certificates for the same key 
pair.
However, a CA has no ultimate control over this since the subject may 
request certificates from multiple CAs. 

Thanks,
Mike

w3c-ietf-xmldsig-request@w3.org wrote on 03/12/2004 11:52:56 AM:

> 
> <gregor>
> However, I do not think that modelling the signer role per using different
> certs for the same key is a good practice. Rather the relying party should
> deduce this from the context, for instance from the data being signed (as
> you do it in the paper world as well), or from another signature attribute
> which XAdES provides (Signer Role).
> </gregor>
> 
> Yes, reading this chain I got the same feeling as Gregor that the CAs issuing
> multiple certs per the same key pair had crossed the line of the intent of
> the system and were now using the self-signing ability of XML DSig or XAdES
> to fix the hack.
> 
> A key pair is supposed to be assigned to a unique identity. If, within a system,
> that means (name+role), then that is what should be assigned the key pair.
> To say that (name+role) is the identity, but we assign the key pair to name
> opens up the real possibility of abuse of the system.
> 
> To wit, how is the relying party supposed to know whether or not a cert is the
> unique wrapper for a given key pair?  Therefore, how can generic signature engines
> be written? Must they be told to require signatures that sign the certificate as
> part of the core validation?
> 
> Conversely, because it's not part of core validation, shouldn't the CAs have
> stayed away from this practice?
> 
> John Boyer, Ph.D.
> Senior Product Architect and Research Scientist
> PureEdge Solutions Inc.

Received on Friday, 12 March 2004 12:58:26 UTC
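
The question raised in the quoted message, whether validation must require that the signature also covers the certificate, shown as an added example that is not part of the original thread: one key pair wrapped by two certificates validates under either one unless a digest of the intended certificate is among the signed data (the approach taken by the XAdES SigningCertificate signed property). Toy textbook RSA stands in for a real signature algorithm, and every certificate field, name and function here is constructed for illustration.

```python
import hashlib
import json

# Toy textbook RSA over two Mersenne primes: constructed, insecure, illustration only.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

# Two constructed certificates wrapping the SAME public key with different roles.
CERT_EMPLOYEE = {"issuer": "CN=Example CA 1", "serial": 1001,
                 "subject": "CN=A. Signer, role=employee", "public_key": [N, E]}
CERT_OFFICER = {"issuer": "CN=Example CA 2", "serial": 77,
                "subject": "CN=A. Signer, role=purchasing officer", "public_key": [N, E]}

def digest(obj):
    """SHA-256 over a canonical (sorted-key) JSON encoding."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def sign(data, signing_cert=None):
    """Sign the data and, if given, a digest of the certificate the signer intends."""
    signed = {"data": data}
    if signing_cert is not None:
        signed["signing_cert_digest"] = digest(signing_cert)
    return {"signed": signed, "value": pow(int(digest(signed), 16) % N, D, N)}

def verify(sig, cert, require_cert_binding):
    """Check the signature maths under cert's key; optionally require the cert binding."""
    n, e = cert["public_key"]
    if pow(sig["value"], e, n) != int(digest(sig["signed"]), 16) % n:
        return False
    if require_cert_binding:
        return sig["signed"].get("signing_cert_digest") == digest(cert)
    return True

def demo():
    plain = sign("approve purchase order 42")
    bound = sign("approve purchase order 42", CERT_EMPLOYEE)
    return {
        "plain_under_employee": verify(plain, CERT_EMPLOYEE, False),
        "plain_under_officer": verify(plain, CERT_OFFICER, False),  # ambiguous role
        "bound_under_employee": verify(bound, CERT_EMPLOYEE, True),
        "bound_under_officer": verify(bound, CERT_OFFICER, True),   # rejected
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

With `require_cert_binding=False` the engine performs only the key check, so it cannot tell which of the two certificates the signer meant; with it set, a signature that carries no certificate digest is rejected as well.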