Nelson Bolyard wrote: > > John Gardiner Myers wrote: > > Ian Grigg wrote: > > > >> David Ross wrote: > >> > >>> Clearly (at least to me), the answer is: The primary and most > >>> important use of a CA certificate is to provide the Mozilla user > >>> with assurance that (1) a critical Web site is indeed what it > >>> purports to be > > >> (This is not clear at all. I think it rests on > >> a number of false assumptions, but those are > >> quite hard to describe in a quick email, so > >> I'll skip that here.) > > > As (1) is the definition of a certificate (modulo the fact that > > applicability goes beyond just web sites), it is as clear to me as any > > derivation from definitions. That you state it is not clear, omitting > > any argument, is in no way convincing. > > As you know, a certificate is a signed statement that is either true or > false. If it is false, then the act of presenting it as if it were true > is an act of fraud. The statement implicit in every cert has been "spoken" > by the Cert's issuer, and is signed by the cert's issuer. An English > approximation of that statement would read something like this: > > "Here is a public key, and a collection of one or more names (which > may include one or more of each of the following: > - a directory name (which may include > - a person's name, > - names of organizations, > - names of locations and states, > - postal addresses, etc.) and > - an email address, and/or > - a server's domain name, and/or > - an IP address. > I (the issuer) certify that the private key that complements this > public key is held by persons (or systems) rightfully identified > by all these names, and that the rightful holder(s) have the right to > use this public key for the following purposes: (list of purposes), > from this beginning date until this ending date." > > That statement is essentially a "binding" of names to a public key. > > By itself, this signed statement, this certificate, *DOES NOT* > "provide the Mozilla user with assurance that (1) a critical Web site > is indeed what it purports to be" > > ANYONE can make a copy of that cert, and put it on their website. > The mere posession of, and presentation of, that certificate provides > NO assurances whatsoever that the presenting party is the party named > on the certificate. > > ONLY the succesful demonstration, by the party presenting the certificate, > that he possesses the private key that complements the public key in > the cert, coupled with the validated CA signature on the cert, assures > the recipient of that party presenting the cert is the named party. > > That succesful demonstration can take the form of > > a) a signature that is verifiable by the party to whom the cert is > presented (the relying party), which signature incorporates information > provided by the relying party, or > > b) the demonstrable decryption of data that was encrypted by the > relying party using the public key in the cert.
The purpose of third-party audits is to provide evidence that the CA's practices include some defined level of care when using the CA certificate to sign a Web server certificate. If CA certificates are installed only when the CA has passed such an audit, then I indeed have some assurance that a critical Web site is indeed what it purports to be. That assurance is greater than if merely the CA itself said, "Trust me." It is also greater than if Mozilla said, "Don't worry. We know what we're doing." For protecting my bank and stock accounts and my privacy, I want to know that the CA that issued and signed my bank's or mutual fund's server certificate has itself been vetted by a professional using recognized, objective standards. -- David E. Ross <http://www.rossde.com/> I use Mozilla as my Web browser because I want a browser that complies with Web standards. See <http://www.mozilla.org/>. _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
