Re: Certificate questions...

Mon, 6 Mar 2000 14:18:43 -0800 

Karl Denninger <[EMAIL PROTECTED]> writes:
> Well, I understand that, but it seems that people (including Thawte,
> Microslug and Nutscrape) are missing the point.
> 
> There are to separate things that secure web servers do.
> 
> 1.    Authenticate who you're talking to, so that when you engage in
>       commerce you have some indication that the merchant you think you're
>       dealing with is really who you're dealing with.
> 
> 2.    Encrypt the data so that it cannot be intercepted between the
>       sending and receiving machines.
> 
> These are NOT the same function, and needing one of them does not imply
> needing the other.  
This is incorrect.

Without authentication of the merchant's identity, you're subject to
a variety of active attacks where the attacker substitutes his
key for the merchant's. You can only have encryption without 
endpoint authentication if your threat model does not include 
active attack.

> Yet, in today's world, you cannot have one without the other, which means
> that to get EITHER you must pay someone.
> 
> Contrast this with PGP for email, in which I can publish a public key and
> once you obtain it you're able to receive an encrypted communication from 
> me and decode the traffic.  My generation of that key pair does not require
> that it be "certified" by any third party.
The generation, no. However, in order for people sending you mail
to be sure that they are not subject to active key substitution
attacks, they key pair does need to be securely bound to the
recipient. Unless you're prepared to exchange keys with all of your
correcpondents out of band, you do need third party key certification.
PGP accomplishes this using key signing rather than certificates
per se, but it's an analagous concept.

-Ekr


-- 
[Eric Rescorla                                   [EMAIL PROTECTED]]
          PureTLS - free SSLv3/TLS software for Java
                http://www.rtfm.com/puretls/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to