Re: Online Certificate Revocation Protocol
jim <jimhei@cablespeed.com> Sun, 10 June 2001 01:52 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id VAA22491 for <pkix-archive@odin.ietf.org>; Sat, 9 Jun 2001 21:52:59 -0400 (EDT)
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.3/8.11.3) id f5A0tQk22702 for ietf-pkix-bks; Sat, 9 Jun 2001 17:55:26 -0700 (PDT)
Received: from mail.cablespeed.com (mail.cablespeed.com [206.112.192.76]) by above.proper.com (8.11.3/8.11.3) with ESMTP id f5A0tOJ22698 for <ietf-pkix@imc.org>; Sat, 9 Jun 2001 17:55:25 -0700 (PDT)
Received: from cablespeed.com (c216-45-71-147.md1.cablespeed.com [216.45.71.147]) by mail.cablespeed.com (8.9.3/8.9.3) with ESMTP id RAA22900 for <ietf-pkix@imc.org>; Sat, 9 Jun 2001 17:55:22 -0700
Message-ID: <3B22C6E5.AF768E67@cablespeed.com>
Date: Sat, 09 Jun 2001 21:01:25 -0400
From: jim <jimhei@cablespeed.com>
X-Mailer: Mozilla 4.73 [en] (Windows NT 5.0; I)
X-Accept-Language: en
MIME-Version: 1.0
CC: ietf-pkix@imc.org
Subject: Re: Online Certificate Revocation Protocol
References: <8D7EC1912E25D411A32100D0B76953978DF473@scygmxs01.cygnacom.com>
Content-Type: multipart/alternative; boundary="------------32E6C92284CA236694B81154"
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
List-ID: <ietf-pkix.imc.org>
True, a destruction event does not mean that a key has been compromised, but on the other hand, it does not mean that a compromise did not occur. Thus, there is still need to close the loop. Jim Santosh Chokhani wrote: > In all this, I do not see a security reason for key revocation. If and > when a key is known or suspected of compromise, one should (must) revoke it.A > destruction event does not mean key has been compromised. > > -----Original Message----- > From: jim [mailto:jimhei@cablespeed.com] > Sent: Friday, June 08, 2001 8:33 PM > To: Santosh Chokhani > Cc: Tony Bartoletti; Housley, Russ; pgut001@cs.auckland.ac.nz; > ietf-pkix@imc.org > Subject: Re: Online Certificate Revocation Protocol > > I usually try to keep a low profile, but cannot help but get > involved. There is absolutely a need for revoking keys, even if > they were destroyed. If I were conducting a high-risk operation > (large sales, financial responsibilites, life responsibilities in > the medical community, national defense, etc.), I would not trust > any system where keys were not revoked just because someone reported > them destroyed. The associated key could certainly be reproduced > for later usage if someone were able to figure out what was being > used, and without revocation, there would be no way to ensure that > they usage of the key did not continue after the reported > destruction. When a key is no longer to be used other than at the > end of its validity period, it must be place on a CRL to end usage > of it altogether. > > I have stated it pretty strongly, but I feel that way about it. The > problem then becomes one of determining the risk mitigation with > lost keys and ensuring that the mitigation is as stringent as > possible to ensure less risk. It is a matter of trust if the CP and > CPS do not call for revocation and will certainly disqualify the > users of such keys from access to areas where their certification is > not considered suitable. If the ability to put trust into a > certificate that is then used to authenticate a user so that user > can access information or workflow that they would not otherwise be > able to access, then the business decision behind using that form of > trust must make the risk mitigation decision to reduce the amount of > trust that can be divested into a certificate from a system that > does not revoke it because it is reported by the user to be > destroyed. For a system to be validated, registration and > certificate issuance have to be upheld by having practices as strong > for certificate revocation. Otherwise, why have a PKI to begin > with? > Jim Heimberg, ABC, Ph.D. > > Santosh Chokhani wrote: > > > > > > > Destroying a private key used to generate signature may cause some > > operational grief in terms of getting a new key certified, but > > there is no need for that key any more and hence no revocation is > > needed. > > > > Destroying a private decryption key also does not require any > > revocation, but underscores the need for key recovery. Absent key > > recovery, data encrypted with the public key companion to the lost > > private key, can not be decrypted. > > > > -----Original Message----- > > From: Tony Bartoletti [mailto:azb@llnl.gov] > > Sent: Friday, June 08, 2001 5:31 PM > > To: Housley, Russ; pgut001@cs.auckland.ac.nz > > Cc: ietf-pkix@imc.org > > Subject: Re: Online Certificate Revocation Protocol > > > > At 04:47 PM 6/8/01 -0400, Housley, Russ wrote: > > >Peter: > > > > > >You make an interesting point. I figure that a message signed > > with the > > >private key that is claiming to be compromised is a good thing to > > pay > > >attention to. > > > > > >If the message is from the subscriber, then that subscriber > > probably knows > > >that some bad thing just happened and the subscriber is trying to > > let > > >everyone know. He does not want any one to rely on the key any > > more. > > > > > >If the message is not from the subscriber, then the key has > > absolutely > > >been compromised. What a nice attacker to tell everyone. > > > > > >Russ > > > > Indeed. I have often considered that a revocation request signed > > with the > > corresponding private key is one of the few things in this world > > one can > > act upon reliably. If we could build whole systems on such > > principles, > > we'd be home free. > > > > A question: If one discovers that they have accidently destroyed > > their > > private key (and there is no evidence of compromise), are they > > under any > > particular obligation to request revocation? Is there any > > liability, or > > other real "downside" to simply getting a new key and keeping mum > > about the > > fate of the former key? > > > > (I ask, because this seems the only case where a revocation > > request could > > NOT be signed by the key in question.) > > > > ___tony___ > > > > >At 04:34 AM 6/9/2001 +0000, Peter Gutmann wrote: > > >>Nada Kapidzic Cicovic <nada@entegrity.com> writes: > > >> > > >> >This is exactly what CMP specifies. Many vendors already have > > support > > >> for CMP > > >> >EE initiated certificate revocation. The interoperability of > > different > > >> >implementations of CMP certificate revocation (among other > > things) has been > > >> >conducted during PKI Forum and ICSA CMP interop testing quite > > successfully. > > >> > > >>However there are two ways to look at revocation, the DOS model > > and the scram > > >>switch model. The DOS model says that anyone who can revoke > > your cert can > > >>cause a DOS, so it should be made as difficult as humanly > > possible to > > >>revoke a > > >>cert. The scram switch model says that when your private key is > > compromised > > >>you want the cert revoked right now with no excuses, so it > > should be made as > > >>easy as possible to revoke a cert. CMP follows the DOS model > > and makes > > >>it very > > >>difficult (in some cases impossible) to revoke your cert. > > Programs like PGP > > >>follow the scram switch model (via suicide-note revocations) and > > make it very > > >>easy to revoke your cert. Depending on your point of view, CMP > > may not > > >>be the > > >>right thing for handling revocations. > > >> > > >>Peter. > > > > Tony Bartoletti 925-422-3881 <azb@llnl.gov> > > Information Operations, Warfare and Assurance Center > > Lawrence Livermore National Laboratory > > Livermore, CA 94551-9900 > > >
- RE: Online Certificate Revocation Protocol JANES, Mark
- Online Certificate Revocation Protocol Massimiliano Pala
- Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Hansen Wang
- RE: Online Certificate Revocation Protocol Carlin Covey
- RE: Online Certificate Revocation Protocol Peter Williams
- RE: Online Certificate Revocation Protocol Frank Balluffi
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Nada Kapidzic Cicovic
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Peter Gutmann
- RE: Online Certificate Revocation Protocol Peter Gutmann
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Housley, Russ
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Andrew W. Gray
- Re: Online Certificate Revocation Protocol Paul Hoffman / IMC
- Re: Online Certificate Revocation Protocol Hansen Wang
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Marc Branchaud
- RE: Online Certificate Revocation Protocol Paul Gogarty
- Re: Online Certificate Revocation Protocol jim
- Re: Online Certificate Revocation Protocol Hansen Wang
- Online Certificate Revocation Protocol Mr Jonathan W Jenkyn
- Re: Online Certificate Revocation Protocol Hansen Wang
- Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Online Certificate Revocation Protocol Massimiliano Pala
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Paul Hoffman / IMC
- Re: Online Certificate Revocation Protocol jim
- Re: Online Certificate Revocation Protocol Peter Gutmann
- Re: Online Certificate Revocation Protocol Peter Gutmann
- Re: Online Certificate Revocation Protocol Peter Gutmann
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol Bob Jueneman
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Carlin Covey
- Re: Online Certificate Revocation Protocol Marc Branchaud
- RE: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Marc Branchaud
- Re: Online Certificate Revocation Protocol Marc Branchaud
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- RE: Online Certificate Revocation Protocol Lynn.Wheeler
- Re: Online Certificate Revocation Protocol Marc Branchaud
- RE: Online Certificate Revocation Protocol Carlin Covey
- RE: Online Certificate Revocation Protocol Lynn.Wheeler
- RE: Online Certificate Revocation Protocol Paul Gogarty
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Carlin Covey
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Bob Jueneman
- RE: Online Certificate Revocation Protocol Scherling, Mark
- Re: Online Certificate Revocation Protocol Terry Hayes
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Carlin Covey
- Re: Online Certificate Revocation Protocol Peter Gutmann
- RE: Online Certificate Revocation Protocol Lynn.Wheeler
- Re: Online Certificate Revocation Protocol Massimiliano Pala
- Re: Online Certificate Revocation Protocol jim
- Re: Online Certificate Revocation Protocol jim
- Re: Online Certificate Revocation Protocol Lynn.Wheeler
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Hal Lockhart
- Re: Online Certificate Revocation Protocol Peter Gutmann
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol jim
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Liaquat Khan
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- Re: Online Certificate Revocation Protocol Tony Bartoletti
- RE: Online Certificate Revocation Protocol Scherling, Mark
- RE: Online Certificate Revocation Protocol Santosh Chokhani
- RE: Online Certificate Revocation Protocol Tony Bartoletti
- Re: Online Certificate Revocation Protocol jim
- RE: Online Certificate Revocation Protocol Luis Azevedo
- Re: Online Certificate Revocation Protocol Denis Pinkas
- Re: Online Certificate Revocation Protocol Peter Gutmann
- RE: Online Certificate Revocation Protocol Liaquat Khan
- Re: Online Certificate Revocation Protocol Denis Pinkas
- Re: Online Certificate Revocation Protocol Denis Pinkas
- Re: Online Certificate Revocation Protocol Nick Pope