[483] in cryptography@c2.net mail archive


CAs vs. TTPs

daemon@ATHENA.MIT.EDU (Bill Frantz)
Thu Apr 3 14:46:59 1997

Date: Thu, 3 Apr 1997 09:07:45 -0800
To: "Michael Froomkin - U.Miami School of Law" <froomkin@law.miami.edu>
From: Bill Frantz <frantz@netcom.com>
Cc: cypherpunks@cyberpass.net, cryptography@c2.net

Michael Froomkin - U.Miami School of Law has been quoted:
>
> On Sun, 23 Mar 1997, Ben Laurie wrote:
>
> > Oh yes, the other two important points to note are:
> >
> > 1. Confusion of TTPs and CAs. Although a TTP can, of course, perform the
> > function of a CA, a CA can do the job just as well. The need for CAs
> > does not justify TTPs. The document makes no attempt to make this clear.
>
> Can you explain further what you mean here please?  I thought that a CA
> was a species of TTP.  I'm fairly sure that is how it's generally used.
> Is there some other general usage?

I think they are different things.  Consider who is trusting them.  With a
CA, any person getting a certified key is trusting the CA's certification.
The only key a CA needs to access is the public key.  A CA can certify a
public key without the help, permission, or knowledge of the owner of the
corresponding private key.  (I thought about doing that to Senator Leahy's
key just to show that it could be done.)  In summary, the actor using the
public key is trusting an assertion about that key from the CA.

Now, a TTP is quite different.  A TTP is trusted to hold secret keys.
(Either symmetric keys, or the secret key of a public key pair.)  In a
public key system, this means that the holder of the secret key must trust
the TTP.  (Also, anyone using the public key must have some trust in the
TTP, at least as far as those uses go.)  In summary, it is the actor
holding the secret key that must trust the TTP, a key difference from the
CA.


-------------------------------------------------------------------------
Bill Frantz       | I have taken a real job at | Periwinkle -- Consulting
(408)356-8506     | Electric Communities as a  | 16345 Englewood Ave.
frantz@netcom.com | capability security guru.  | Los Gatos, CA 95032, USA
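
The trust distinction drawn in the message above, as an added example that is not part of the original e-mail: the CA function takes only a name and a public key, while the key-holding TTP must be given the secret key before it can do anything. It assumes textbook RSA over constructed Mersenne primes (illustration only, not secure), and the names `ca_certify`, `verify_cert` and `KeyHoldingTTP` are hypothetical.

```python
import hashlib

# Textbook RSA over constructed Mersenne primes: illustration only, not secure.
def make_key(p, q, e=65537):
    n = p * q
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, (p - 1) * (q - 1))}

def digest(n, subject, pub):
    data = f"{subject}|{pub['n']}|{pub['e']}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def ca_certify(ca_priv, subject, subject_pub):
    """CA role: the only subject key material it touches is the PUBLIC key."""
    sig = pow(digest(ca_priv["n"], subject, subject_pub), ca_priv["d"], ca_priv["n"])
    return {"subject": subject, "pub": subject_pub, "sig": sig}

def verify_cert(ca_pub, cert):
    """Relying party: trusts the CA's assertion about the key, nothing more."""
    expected = digest(ca_pub["n"], cert["subject"], cert["pub"])
    return pow(cert["sig"], ca_pub["e"], ca_pub["n"]) == expected

class KeyHoldingTTP:
    """TTP role as the message defines it: it stores the holder's SECRET key."""
    def __init__(self):
        self._held = {}
    def deposit(self, subject, priv):
        self._held[subject] = priv
    def decrypt_for(self, subject, ciphertext):
        key = self._held[subject]
        return pow(ciphertext, key["d"], key["n"])

def demo():
    ca_pub, ca_priv = make_key(2**89 - 1, 2**107 - 1)
    alice_pub, alice_priv = make_key(2**61 - 1, 2**127 - 1)
    # The CA is handed alice_pub only; Alice's consent and alice_priv play no part.
    cert = ca_certify(ca_priv, "alice", alice_pub)
    renamed = dict(cert, subject="mallory")      # altered binding must not verify
    # The TTP relationship starts with the key holder handing over the secret key.
    ttp = KeyHoldingTTP()
    ttp.deposit("alice", alice_priv)
    ciphertext = pow(42, alice_pub["e"], alice_pub["n"])   # 42: constructed message
    return verify_cert(ca_pub, cert), verify_cert(ca_pub, renamed), ttp.decrypt_for("alice", ciphertext)

if __name__ == "__main__":
    print(demo())
```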


