as i've mentioned before certificates have very little to do directly with
digital signatures .... they are a mechanism for trust propagation ... akin
to the letters of credit from the days of sailing ships .... where the
relying party had no direct and/or online knowledge of the signing party
and no direct and/or online access to the certifying party.

however, the scenario for the financial relying-party-only certificates
that were issued and distributed during the 90s .... is analogous to requiring
that when I go into my bank branch office to negotiate with the branch
manager .... I first go into my bank branch office and talk the branch
manager into giving me a letter of credit credential to introduce me to
some stranger, relying party .... I then leave the bank branch, re-enter
the same bank branch and go to the same branch manager and present the
letter of credit credential (that they just created) as a prelude to the
branch manager doing business with me.

There have been some past discussions with regard to certificates that carry
a "non-repudiation" indication and something that has been severely
depreciated. I believe originally, there was some desire to differentiate
to unknown, relying-parties (aka strangers) the difference between the
entity's use of keys for data hiding and keys for authentication. These
are effectively totally different business processes relying on the same
technology. However, one issue in the difference in the business processes
is that data hiding (encryption) keys tend to require that the private key
be escrowed (for business continuity reasons) and the business processes
for authentication require that the private key never be divulged.
However, there seemed to have been some aggrandizement of the business
process authentication concept to non-repudiation.

One of the things seen (in at least the cal. state electronic signature law
and the US federal electronic signature law) is that there is a somewhat
explicit delineation between demonstrating intention (as required by things
like contract law and non-repudiation) and authentication. A digital
signature can demonstrate authentication (and exists totally independently
of whether certificates exist or not as part of providing trust propagation
to relying party strangers). However, it is pretty clear that to
demonstrate intention and/or agreement there is a lot more required
(to form the basis of a valid signature ... as per law) ... and this has also resulted
in depreciation of any reference to non-repudiation with regard to X.509
... since there is nothing (little?) in X.509 that provides the basis for
non-repudiation. The electronic signature law references a bunch of stuff
required for a valid/binding legal signature and non-repudiation ... and it
has little or nothing to do directly with "digital signatures" ... therefore
the more general reference being made to "electronic signatures" (as well
as nothing to do with the need for "trust propagation" as represented by
certificates). It is possible for "digital signatures" to be used in
conjunction with other things to be a valid "electronic signature" ...
however there are a number of other authentication methods that can be used
in conjunction with intention/non-repudiation operations that also satisfy
the requirement for "electronic signature".

to some extent a digital signature is purely a demonstration of one or two
factors from the three-factor authentication model:
* something you have
* something you know
* something you are

A valid digital signature might demonstrate that possibly you possessed a
hardware token that contained a unique private key that existed no place
else in the world (or say a file that resides on your hard disk containing
the private key). The use of the private key to generate a digital
signature establishes one-factor authentication as "something you have".

This might be improved by having hardware tokens that contain a unique
private key and require a unique PIN to be entered before they operate.
Given that the characteristics of the hardware token can be established,
then a digital signature by such a hardware token may be considered as
demonstrating two-factor authentication (the token as something you have,
and entering the correct PIN as something you know).

More complex tokens can require both a PIN and a biometric ..... for
3-factor authentication; the application of the digital signature (given
that the characteristics of the token can be proved) can demonstrate 1)
something you have (the token), 2) something you know (correct PIN
entered), 3) something you are (correct biometric entered).

Notice that the really critical issues about the level of trust with regard
to authentication go up with the factors involved .... and have nothing at
all to do with certificates and/or the concept of trust propagation.

With regard to a legal, trusted signature .... the issues of demonstrating
intention and/or non-repudiation are a critical issue (independent of
things like digital signatures, and quite definitely independent of
issues of trust propagation and certificates) as well as the level of trust
in the authentication mechanism (i.e. number of factors, possibly
evaluation of hardware token, etc .... again having no relationship at all
with regard to trust propagation and certificates).

given the foundation for strong demonstration of authentication and strong
demonstration of intention and non-repudiation .... then one might consider
certificates as a mechanism for trust propagation for the benefit of relying
party strangers (assuming an unconnected, offline infrastructure where the
relying party stranger has no prior knowledge of the signing entity and/or
no recourse for contacting the certifying authority) .... but the existing
certificates do little or nothing to address the level of trust in the
authentication mechanism and/or the level of trust in the non-repudiation
mechanism.

a few past threads related to 3-factor authentication:
http://www.garlic.com/~lynn/aadsm10.htm#bio6 biometrics
http://www.garlic.com/~lynn/aadsm10.htm#keygen2 Welcome to the Internet,
here's your private key
http://www.garlic.com/~lynn/aadsm11.htm#5 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm12.htm#24 Interests of online banks and
their users [was Re: Cryptogram:  Palladium Only for DRM]
http://www.garlic.com/~lynn/aadsm14.htm#23 Maybe It's Snake Oil All the Way
Down
http://www.garlic.com/~lynn/aadsm14.htm#39 An attack on paypal
http://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?

a few past threads specifically related to non-repudiation:
http://www.garlic.com/~lynn/aadsm11.htm#5 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#6 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#7 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#8 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#9 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#11 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#12 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#13 Words, Books, and Key Usage
http://www.garlic.com/~lynn/aadsm11.htm#14 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#15 Meaning of Non-repudiation

--
Internet trivia, 20th anv: http://www.garlic.com/~lynn/rfcietff.htm


[EMAIL PROTECTED] on 10/31/2003 2:18 am wrote:

http://www.fineid.fi/default.asp?todo=setlang&lang=uk
this is a link to an interesting multimedia presentation on the Finnish
government - banks - telcos joint project on using the government produced
certificate on bank and telco issued cards.

Pekka Honkanen

-----Original message-----
From: Anders Rundgren [mailto:[EMAIL PROTECTED]
Sent: 30 October 2003 23:46
To: internet-payments
Subject: On-line signature standards

Here is some information related to Internet payment gathered
from a poll made to the IETF-PKIX, IETF-SMIME, and the OASIS
PKI-TC lists regarding the current state of on-line signature standards

=====================================================
  There are apparently no standards and nothing in the works either
  with respect to signing on-line data on the web using Internet browsers.
=====================================================

Since web-signing is today [*] used by many, many more people
and organizations than there are users of signed e-mail, I remain puzzled.

Is the PKI community really just a bunch of "nerds", mostly out of
touch with the needs of the market?

And what good is a legal framework like the EU signature directive,
intended to address "legal interoperability" if there is no
interoperability in the technical solutions?

"The truth is [still] out there" to travesty a famous TV series.

However, my request spurred quite a lot of interest, so I believe that web-
signing really is a thing that finally will be standardized.  The question
is more by who, as the major interest is really coming from the public
sector, not from commercial entities like banks, that rather protect their
investments in proprietary solutions.  I personally plan to pursue such
a task in W3C or in OASIS in case somebody is interested.

*] Like Scandinavian banks having > 0.5M of users.
All current systems rely on entirely proprietary mechanisms.
Most of the vendors even require NDAs for getting the documentation.

Anders Rundgren