On 9/1/09 00:46, Ben Bucksch wrote:
Certs expire for the same reason that credit cards do. Do you
understand why that is?

No, quite frankly, I do not.

First off, my credit cards (VISA, MasterCard) are valid until Jan 1, 2013.


I had to think about it too ... I think it is because in the old days, the retailers had little pieces of paper with all the "revoked" credit card numbers. Shop assistants were paid a reward for spotting the bad credit cards. Back in the early days (I remember being trained on these papers, we kept them under the register) there were around 100-1000 numbers on them.

Obviously that model didn't survive (there was real money involved) and now all CCs are checked online, in real time. So expiry should not be a big deal anymore for *security* reasons.

Business reasons may still play a part. I think my (awfully huge) online bank wants to give me a new CC with a smart card, tell me it's more secure, not to worry, and by the way, all the liability has shifted to me because I won't ever lose any money. Or some such complete travesty...


With OCSP, it's not a problem anymore, because the question is "is
*this* cert still valid?" not "tell me all revoked certs".


It's the net, dude! Only an online model makes sense. The 1980s telcos didn't really know what they were looking at with this whole telephone book in a cert thing.


It requires that CAs NEVER "forget" about any certs they previously
issued, not even after they expire.

They get paid for it, for each cert. Hotmail and Yahoo also never forget
the email addresses that were issued (they may get deactivated, but the
account still exists), and it's not even a paid service.


CAs probably have to remember the certs -- all of them -- for many years for verification reasons. It will be in the CPS somewhere.

(OK, let me backtrack ... it will be in the CPS for some CAs. The reasons are obscure, and possibly only Verisign really has a good understanding of this; they are the only CA that seems to have the legal "competence" to use the word correctly.)

Nelson's point was that CRLs become unbounded; but that's not a problem (a) if there are no disputes or (b) in an OCSP world. Pick (a) or (b).


Is it technically possible for a cert to have two or more signatures?

No. X.509 certificates do not have multiple signatures.

No, because the contents of all extensions are included in the
computation of the signature.

Can we create another extension? The signature itself is a shell around
the certified bits. Add the second signature around that first signature.


It is possible ... but you'd be better off trying to move Everest into China. One of the core assumptions of the X.509 world is ONE SIGNATURE, and ONE AUTHORITY. Nobody's going to agree with you.


There must be a way to add signatures. It's a base feature in PGP! If
it's entirely impossible to have two signatures, and no way to add it to
the spec, that's a design error. It's hard to believe that it's so limited.


Different school of thought.  Sorry :)



iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
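Added worked example, not from the thread or from any of the posters above: a Go program (standard library only) that checks the two technical claims argued in the thread. First, that the certificate's signature covers every extension, so changing a single byte of any extension's value breaks verification. Second, that X.509 has no slot for a second signature, so the only way to "add the second signature around that first signature" is an outer shell that no standard parser accepts, although a custom unwrapper can peel it off and recover the untouched inner certificate. The private-arc OID (1.3.6.1.4.1.99999.1), the marker string used as the extension value, and the counterSigned structure are all assumptions made for this demonstration; the last is an ad hoc container, not any standard.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// Assumed values for the demonstration, not taken from the original thread.
var (
	demoExtOID   = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1} // made-up private-arc OID
	demoExtValue = []byte("tamper-evident-marker-0001")             // constructed extension value
)

// counterSigned is the "second signature around the first" idea: the original
// certificate DER, untouched, inside one more signed shell. Not any standard.
type counterSigned struct {
	Cert     asn1.RawValue // the complete, unmodified X.509 certificate
	SigValue asn1.BitString
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	must(err)
	return pub, priv
}

// issue builds a self-signed CA and a CA-signed leaf carrying demoExtOID.
func issue() (*x509.Certificate, []byte) {
	caPub, caKey := newKey()
	leafPub, _ := newKey()
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Demo CA"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour), IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, caPub, caKey)
	must(err)
	ca, err := x509.ParseCertificate(caDER)
	must(err)
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "leaf"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: demoExtOID, Value: demoExtValue}}}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, ca, leafPub, caKey)
	must(err)
	return ca, leafDER
}

// verifies reports whether der parses as X.509 and its one signature checks out against ca.
func verifies(ca *x509.Certificate, der []byte) bool {
	c, err := x509.ParseCertificate(der)
	return err == nil && c.CheckSignatureFrom(ca) == nil
}

// tamperExtension flips one byte inside the demo extension's value. The result is
// still well-formed DER, but the TBS bytes that the signature covers have changed.
func tamperExtension(leafDER []byte) []byte {
	mod := append([]byte(nil), leafDER...)
	mod[bytes.Index(mod, demoExtValue)] ^= 0x01 // 't' -> 'u'; index panics if the marker is absent
	return mod
}

// counterSign wraps an untouched certificate in an outer Ed25519 signature.
func counterSign(certDER []byte, key ed25519.PrivateKey) []byte {
	out, err := asn1.Marshal(counterSigned{
		Cert:     asn1.RawValue{FullBytes: certDER},
		SigValue: asn1.BitString{Bytes: ed25519.Sign(key, certDER), BitLength: 8 * ed25519.SignatureSize},
	})
	must(err)
	return out
}

// unwrap checks the outer signature under pub and returns the inner certificate, or nil.
func unwrap(wrapped []byte, pub ed25519.PublicKey) []byte {
	var cs counterSigned
	if _, err := asn1.Unmarshal(wrapped, &cs); err != nil ||
		!ed25519.Verify(pub, cs.Cert.FullBytes, cs.SigValue.Bytes) {
		return nil
	}
	return cs.Cert.FullBytes
}

func main() {
	ca, leafDER := issue()
	pub, key := newKey()
	wrapped := counterSign(leafDER, key)
	fmt.Println("leaf verifies:", verifies(ca, leafDER), "after editing one extension byte:", verifies(ca, tamperExtension(leafDER)))
	fmt.Println("wrapped blob accepted as X.509:", verifies(ca, wrapped), "inner cert after unwrap:", verifies(ca, unwrap(wrapped, pub)))
}
```

The inner certificate survives the wrapping byte for byte, which is the only reason the original CA signature still verifies after unwrap; any relying party that does not know the ad hoc shell simply sees a blob that is not a certificate, which is the practical content of "nobody's going to agree with you".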