On Tue, Jun 3, 2008 at 1:05 PM, Ed Gerck <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: > > We see that the trust relationship represented by that SSL cert can be > copied without any loss, as many times as you wish > My understanding is that an SSL certificate is only a method to carry the assertion that the holder of the private key is the the subject named in the certificate (with possible limitations on the allowed uses of the private key). By using the certificate, one does not trust the subject - one does trust the signer of the certificate as an entity that verified the subject named in the certificate represents the actual subject (this is true even for self signed certificates <grin/>).
Copying the SSL certificate does not copy trust but sometimes copying some certificates do copy trust. Say Alice browses around the web looking to buy a widget and when her browser hits a particular HTTPS protected site, it pops up an "untrusted certificate" warning. Alice goes "oooo" and moves on to another site. Bob goes to the same site and his browser doesn't pop up the warning because Microsoft has automatically updated his computer's trusted CAs list. Bob's browser trusts the site and Bob trusts his browser so Bob buys the widget. Alice's browser didn't trust the site, and Alice, being a remarkable woman, actually paid attention to her browser and moved on. So we see, the "trusted CA" certificates do carry trust (heck, "trusted" is part of the name), and, when Microsoft copied the new trusted CA certificate into Bob's computer, Microsoft managed to copy trust. IT departments put corporate trusted CA certificates in employees computers. The US DoD puts their trusted root certificates in DoD computers. All these actions copy trust with high fidelity. But this method rings of an edict from on high, "Thou shalt trust ...". These methods still don't have the: // copy Alice's trust in Charlie to Bob Copy(Alice[trust-->Charlie], Bob) capability. The low fidelity ways of Epinions and eBay seem to be the only examples I can come up with that allow for that type of trust copying. For example: // copy the trust in Charlie a large group of eBayers has to Bob MaybeCopy(eBayClaim.LargeGroup[trust-->Charlie], Bob) The copy may or may not happen depending on Bob's feelings about the size of the group or the extent of the trust. Of course, the eBayesque trust copying happen in wetware. To move it to hardware would require an online protocol and method to register trust. I can see shades of the old PGP web-of-trust with added subtleties for timeliness and dispute resolution. > > As to another point of your comment, the problem most people have with PKI > is not that SSL does not work. SSL does not even need PKI. > I meant SSL as we use it - I believe the vast majority of SSL use involves a hierarchical PKI. I have rarely seen the use of pre-shared keys or self-signed certificates (which is technically still a PKI). -Michael Heyman --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]