At 11:13 AM -0700 10/17/08, Nelson B Bolyard wrote:

>A root that revokes itself invokes the liar's paradox.
>NSS wishes to avoid the fate of the android Norman. :)

Sorry, but that's a bit too glib. A "suicide note" is one valid method of trust anchor management. It does not invoke the liar's paradox if the semantics of the system account for it. PKIX doesn't have a standardized semantic for suicide notes, but a system such as NSS could create one. And, of course, such a semantic could be added to PKIX at any time, if the PKIX WG wanted to work on it.

>Rather than having roots be self-revoking, a somewhat better model is
>to have a Uber-CA service that cross certifies other root CAs and
>potentially revokes its own cross certifications. Some of the participants
>in this list have previously advocated such a model. Maybe someone will
>speak up.

I can speak up for it, but I am loath to say it is "better" than suicide notes. Having a trusted service that manages trust anchors for users can be very helpful. A trust anchor management protocol can also handle some of the problems that people have brought up on this list, such as wanting particular trust anchors to only cover constrained subsets of the naming tree. The downside is that few users know who they would trust to do this, and there has not been a good deployed model for making money running such a system other than in enterprises where the users have no choice. Thus, we muddle along with what we have today.

The advantage of suicide notes is that it can be completely clear what they mean. "If you see a message whose structure is A, signed by B, never use B in any position in any validation chain ever again." That's pretty darn simple. It is also much more limited than a full-blown trust anchor management system.

_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
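One way to give the "suicide note" rule quoted in the last paragraph concrete semantics in a trust store, as an added example that is not code from this thread, from NSS, or from any PKIX document. It assumes a note format of its own (the anchor's key identifier, a timestamp, and an ECDSA signature over a versioned encoding), identifies anchors by a SHA-256 hash of their SubjectPublicKeyInfo, and uses only the Go standard library; the root "B" and the leaf it signs are constructed in NewDemo and are not real certificates.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// SuicideNote is the thread's "message whose structure is A", signed by anchor B itself.
// The layout and the use of ECDSA are assumptions made for this example.
type SuicideNote struct {
	KeyID     string // hex SHA-256 of the anchor's SubjectPublicKeyInfo
	IssuedAt  time.Time
	Signature []byte // ECDSA ASN.1 signature over tbs()
}

// tbs hashes a versioned canonical encoding so the note cannot be confused with anything else the key signs.
func (n *SuicideNote) tbs() []byte {
	h := sha256.Sum256([]byte("trust-anchor-suicide-note/v0\n" + n.KeyID + "\n" + n.IssuedAt.UTC().Format(time.RFC3339)))
	return h[:]
}

// SignNote signs a note for keyID: genuine with the anchor's key, a forgery with any other key.
func SignNote(keyID string, key *ecdsa.PrivateKey) (*SuicideNote, error) {
	n := &SuicideNote{KeyID: keyID, IssuedAt: time.Now()}
	sig, err := ecdsa.SignASN1(rand.Reader, key, n.tbs())
	if err != nil { return nil, err }
	n.Signature = sig
	return n, nil
}

// ForgedNote is constructed attacker input: a note for keyID signed by an unrelated key.
func ForgedNote(keyID string) (*SuicideNote, error) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return SignNote(keyID, k)
}

// KeyID names an anchor by its public key, so a re-issued cert carrying the same key stays denied.
func KeyID(c *x509.Certificate) string { return fmt.Sprintf("%x", sha256.Sum256(c.RawSubjectPublicKeyInfo)) }

// AnchorStore holds live anchors plus a permanent deny list (a real client must persist it).
type AnchorStore struct{ anchors, denied map[string]*x509.Certificate }

func NewAnchorStore(roots ...*x509.Certificate) *AnchorStore {
	s := &AnchorStore{anchors: map[string]*x509.Certificate{}, denied: map[string]*x509.Certificate{}}
	for _, r := range roots { s.anchors[KeyID(r)] = r }
	return s
}

// ProcessNote: a note that verifies under the named anchor's own key moves that anchor to the
// deny list for good (repeats are harmless); an unknown key or a bad signature changes nothing.
func (s *AnchorStore) ProcessNote(n *SuicideNote) error {
	c := s.anchors[n.KeyID]
	if c == nil { c = s.denied[n.KeyID] }
	if c == nil { return errors.New("note names a key this store does not know") }
	pub, ok := c.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, n.tbs(), n.Signature) { return errors.New("note signature invalid: ignored") }
	delete(s.anchors, n.KeyID)
	s.denied[n.KeyID] = c
	return nil
}

// Verify builds chains from the live anchors, then drops any chain in which a denied key appears
// at any position ("never use B in any position in any validation chain ever again").
func (s *AnchorStore) Verify(leaf *x509.Certificate, intermediates ...*x509.Certificate) ([][]*x509.Certificate, error) {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	for _, a := range s.anchors { roots.AddCert(a) }
	for _, i := range intermediates { inters.AddCert(i) }
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err != nil { return nil, err }
	var good [][]*x509.Certificate
chain:
	for _, ch := range chains {
		for _, c := range ch {
			if s.denied[KeyID(c)] != nil { continue chain }
		}
		good = append(good, ch)
	}
	if len(good) == 0 { return nil, errors.New("every chain passes through a denied key") }
	return good, nil
}

// NewDemo constructs a throwaway root "B" and a leaf it signed; nothing here is a real CA.
func NewDemo() (store *AnchorStore, root *x509.Certificate, rootKey *ecdsa.PrivateKey, leaf *x509.Certificate, err error) {
	rootKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Now()
	rootTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Root B"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	rootDER, err := x509.CreateCertificate(rand.Reader, rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	if err != nil { return }
	root, _ = x509.ParseCertificate(rootDER)
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "leaf.example"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, root, &leafKey.PublicKey, rootKey)
	if err != nil { return }
	leaf, _ = x509.ParseCertificate(leafDER)
	return NewAnchorStore(root), root, rootKey, leaf, nil
}
```

Two design points carry the "completely clear what they mean" property. First, ProcessNote accepts a note only if it verifies under the named anchor's own public key, so nobody without B's private key can retire B, and a repeated or replayed note is harmless because the outcome is already final. Second, Verify checks the deny list against every certificate in every candidate chain rather than only the root slot, which is what covers a retired key that reappears as a cross-certified intermediate. The deny list has to be written to durable storage in a real client; keeping it only in memory would resurrect the anchor on the next start.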

