[13606] in cryptography@c2.net mail archive
certificates & the alternative view
daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Thu Jun 12 16:54:03 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 12 Jun 2003 11:14:33 -0600
To: "James A. Donald" <jamesd@echeque.com>
From: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <3EE78EF4.23167.253CC47@localhost>
>I think you have put your finger right on the problem.
>Certificates, https, and the entire PKI structure were designed
>for an accountless world, but the problem is accounts.
the other view ... is using a little information theory .... is that
certificates are stale, static, read-only copy of information in the
certificate authority's account record .... targeted for offline
environments where the relying party has no access to the real
authoritative agency responsible for the information.
one of the things from the '90s, in the transition from offline to the
start of a pretty much ubiquitous online world was trying to come up with
things to put into certificates to justify their price. One of the attempts
was extreme overloading of the certificate with large amounts of identity
and privacy information, and furthermore you convince the public that they
should pay for the privilege of having huge amounts of their privacy
information sprayed all over the world.
The fallback is to attempt to reduce as much as possible any information of
actual value in a certificate and to not go around confusing identification
with authentication. This was sort of the relying-party-only certificates
from the financial community in the later part of the 90s .... don't put
any information of any value what-so-ever in a certificate; just create
these huge, very large bit patterns that were one hundred times larger
than a typical payment transaction and require that these extremely large
bit patterns had to be attached to every payment transactions sent back to
the financial institution (which already had the original copy of all the
information). From this is was possible to demonstrate a PKI infrastructure
where every certificate was compressed to zero bytes. The horrible payload
penalty and information/privacy leakage problem was ultimately addressed
with zero byte certificates. They contained zero byte, stale, static,
read-only copy of the information in the certificate authority's account
record.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
