- From: Pete Wenzel <pete@seebeyond.com>
- Date: Thu, 11 Jul 2002 17:59:18 -0700
- To: Joseph Hui <Joseph.Hui@exodus.net>
- Cc: Christopher B Ferris <chrisfer@us.ibm.com>, Hal Lockhart <hal.lockhart@entegrity.com>, www-ws-arch@w3.org
Thus spoke Joseph Hui (Joseph.Hui@exodus.net) on Thu, Jul 11, 2002 at 04:27:32PM -0700: > [snip] > >> >Presumably she requires some proof of possesion, a certificate > >> >alone proves nothing, but this is a side issue. > >> > >> A certificate proves nothing? By certificate I meant a cert > >> that Alice > >> deemed trustworthy, say a CA signed cert. Now, if a CA signed cert, > >> which millions of Internet shoppers trust their money to, > >> means nothing > >> to you, then I don't think we'll go anywhere on the issue. > > > > A certificate alone means nothing, even one that is CA > > signed, absent a CPS. > > Well, it means whatever Alice deems trustworthy or otherwise, > assuming Alice already practices "safe certs," such as > checking the CRL (Cert Revokation List) with due dilligence. > [snip] These are all important considerations for establishing a certificate's trustworthiness, but I think you are both still missing Hal's "proof of possession" point. The fact that I can present some random certificate to you, even if it passes all validity checks, only serves as identification. My identity is not authenticated (bound to the identifiers in the cert) unless I can actively prove to you that I am the subject of said cert. (This by demonstrating that I can sign a challenge nonce, verifiable using the cert's public key; or that I can decrypt something that you have encrypted with it.) --Pete Pete Wenzel <pete@seebeyond.com> SeeBeyond Standards & Product Strategy +1-626-471-6311 (US-Pacific)
Received on Thursday, 11 July 2002 20:59:54 UTC