CMP: generation of private keys

Stefan Kelm <kelm@pca.dfn.de> Tue, 24 November 1998 15:59 UTC

Date: Tue, 24 Nov 1998 14:27:37 +0100
From: Stefan Kelm <kelm@pca.dfn.de>
Message-Id: <199811241327.OAA03230@procert.cert.dfn.de>
To: ietf-pkix@imc.org
Subject: CMP: generation of private keys
Reply-To: ietf-pkix@imc.org

I do not want to start the discussions about key generation again, but the
following paragraph from draft-ietf-pkix-ipki3cmp-08.txt raises a question
for me:

: 2.2.1.3 Location of key generation
:
: In this specification, "key generation" is regarded as occurring
: wherever either the public or private component of a key pair first
: occurs in a PKIMessage. Note that this does not preclude a centralized
: key generation service - the actual key pair MAY have been generated
: elsewhere and transported to the end entity, RA, or CA using a
: (proprietary or standardized) key generation request/response protocol
: (outside the scope of this specification).
:
: There are thus three possibilities for the location of "key
: generation":  the end entity, an RA, or a CA.

In a legal context (esp. the German Signature law) a relying party might want
to know who generated the key pair of another end entity before deciding to
enter a contractual relationship with this entity. One might place trust
in another subject's certificate based on that question, so wouldn't it make
sense to specify an optional certificate extension that indicates who
performed the process of key generation (e.g. EE, CA, RA, other)?

I don't think this is merely a policy/CPS issue since the CA might not
address this issue in its policy. The German Signature law profile, for
example, in principle allows for the key material to be generated by either
the CA or the end entity (although the latter is very unlikely to happen
due to the technical requirements). So the relying party wouldn't get an
answer from reading the policy/CPS.

Comments?

        Stefan.

______________________________________________________________________________
Stefan Kelm            PGP key: "finger kelm@www.pca.dfn.de" or via key server
DFN-PCA, University of Hamburg                               <kelm@pca.dfn.de>
Vogt-Koelln-Str. 30                               http://www.pca.dfn.de/~kelm/
22527 Hamburg (Germany)          Tel: +49 40 5494 2262 / Fax: +49 40 5494 2241
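
The following is an added example, not part of the original message or of the CMP draft: a sketch of how the kind of extension asked about above could be DER-encoded and strictly parsed by a relying party. The extension itself, the enum names and numbering, and the OID 2.999.1 (taken from the arc reserved for examples) are all hypothetical.

```python
# Added illustration; the extension, its OID and its values are hypothetical.
from enum import IntEnum

class KeyGenLocation(IntEnum):      # the choices named in the message
    END_ENTITY = 0
    CA = 1
    RA = 2
    OTHER = 3

# Placeholder OID 2.999.1 as DER content octets (assumption, not a registered extension).
HYPOTHETICAL_OID = bytes([0x88, 0x37, 0x01])

def _tlv(tag: int, content: bytes) -> bytes:
    """DER tag-length-value; short-form length only (content < 128 bytes)."""
    if len(content) >= 0x80:
        raise ValueError("long-form lengths not needed for this example")
    return bytes([tag, len(content)]) + content

def encode_extension(loc: KeyGenLocation) -> bytes:
    """Extension ::= SEQUENCE { extnID OID, extnValue OCTET STRING }, non-critical."""
    inner = _tlv(0x0A, bytes([loc]))                 # ENUMERATED
    return _tlv(0x30, _tlv(0x06, HYPOTHETICAL_OID) + _tlv(0x04, inner))

def _read(buf: bytes, pos: int, tag: int):
    """Read one TLV with the expected tag; return (content, next position)."""
    if pos + 2 > len(buf) or buf[pos] != tag or buf[pos + 1] >= 0x80:
        raise ValueError(f"expected tag 0x{tag:02x} at offset {pos}")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("truncated value")
    return buf[pos + 2:end], end

def decode_extension(der: bytes) -> KeyGenLocation:
    """Strict parse: reject trailing bytes, a different OID, or an unknown value."""
    seq, end = _read(der, 0, 0x30)
    if end != len(der):
        raise ValueError("trailing data after extension")
    oid, pos = _read(seq, 0, 0x06)
    if oid != HYPOTHETICAL_OID:
        raise ValueError("not the key-generation extension")
    octets, pos = _read(seq, pos, 0x04)
    if pos != len(seq):
        raise ValueError("trailing data inside extension")
    value, vend = _read(octets, 0, 0x0A)
    if vend != len(octets) or len(value) != 1:
        raise ValueError("malformed ENUMERATED")
    return KeyGenLocation(value[0])   # ValueError on values outside the enum
```

Such a field would only be as trustworthy as the CA signing the certificate, since the CA is the party asserting where the key pair was generated.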