On Fri, Jun 21, 2002 at 02:54:25PM -0500, [EMAIL PROTECTED] wrote: > Maybe I am reading more into it then exists but the bullet in the document > says it will: > > Reduce help desk calls from end-users related to "untrusted" > certificates
It makes sense, though, that a company should be able to issue certificates for servers belonging to various departments within the company. The organisation knows its own internals far better than RSA does. Why should RSA/Verisign/whoever be responsible for signing such certificates? I see no benefit to having such a wide, flat web of trust. What root CAs are good at, and what they should be doing, is authenticating the organisation itself. They can verify that the organisation exists as described, and that the private key really is controlled by someone authorised within that organisation. This makes them fairly well suited to handing out certificates for the public face of the organisation. The high cost of this process, though, means that organisations tend to have very few secure servers, and if they need to secure any machines for internal use, they're not going to ask a root CA to do it; they'll just make one and sign it themselves, and probably put a note on the page which says, "We know that your browser will claim this cert is invalid; just accept it anyway." This sort of practice is what leads to all of the help-desk calls, and is probably more damaging to PKI, ultimately, than letting RSA issue a certificate which says, "The owner of this certificate is trusted to sign certificates within the organisation XYZ". If the alternative is to have people conditioned to simply click "Proceed" whenever they see an unrecognised signer, I'd much rather have this system. > That and the other language lead me to believe they have a trusted root > already loaded in my browser that they let anybody authenticate to that is > willing to buy their certificate authority software and that my browser will > think those certificates are fine. They already have such a root certificate in your browser. Nowhere in the press release do they say that they will let anyone and everyone get the CA software and start signing certificates for every site and its dog. > I just hope that none of the private keys of all these (many probably > unsecured) CAs leak. This shouldn't be a problem, as long as the signing certificate can only be used to sign certificates within that organisation. In that case, if one does get compromised, then that company has a major PR problem, but it's not the end of the world for everyone else. They should have taken better care of the keys. My whole argument, of course, rests on the assumption that these certificates can be restricted in this way. I don't know enough about the format of X.509 certs to say for sure that this is true. Someone on this list must, though. Ian Clelland <[EMAIL PROTECTED]> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
