> -----Original Message-----
> From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 20, 2000 7:35 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: "Suspending" certificate
>
>
> From: Yuji Shinozaki <[EMAIL PROTECTED]>
>
> ys2n> Hmmm. Doesn't this get really complicated? As in
> suppose you have a
> ys2n> document that is signed by a cert that has been
> suspended and then has
> ys2n> been reinstated. In order to verify that the document
> was signed by the
> ys2n> cert "when it was good", you would need to know:
> ys2n>
> ys2n> 1. when the cert was signed (and this must be a "signed
> ys2n> datestamp" (signed by a trusted
> third-party) because
> ys2n> someone could forge the date.
> ys2n> 2. every period when the cert was suspended
> ys2n> 3. every period when the cert was valid
> ys2n>
> ys2n> I suppose someone is thinking about how to do all this...
>
> Funny you should mentino this. It was taken up on the ietf-pkix list
> just a few days ago, and I think someone concluded that a signature
> would always be valid if corresponding to a cert that has once been
> valid.
>
> Really, what one would need is to have a timestamp associated with the
> signature and the possibility to check the validity of the associated
> cert at that time. That would require that everyone keeps a history
> of the certs they have to handle rather than just the current state...
>
Just one thought (possibly completely naive): a digital signature, if we
want to be able to check when the document was signed and if we want
non-repudiation capability should be, if I'm right, obtained like this:
I produce the document,
I generate a signature with my, currently valid, certificate
I send a message some time-stamping authority, containing the
signature and the date and time at which I pretend to sign it; this
authority will then sign this message with it's own certificate adding the
date and time at which it signed it.
This would allow anyone to sign and date a document without having to
disclose the document itself; the dating authority may be negociated with
the other parties if needed, and may be the other party itself (if signing a
simple bilateral contract).
My question is thus: is there such a protocol, and such timestampting
authorities? This role could be assumed by the root CAs or by official time
holding bodies; note that this only need a trusted system with a trusted
time base, but the process itself could be entirely automatic.
TIA
Bernard
--------------------------------------------
Bernard Dautrevaux
Microprocess Ingéniérie
97 bis, rue de Colombes
92400 COURBEVOIE
FRANCE
Tel: +33 (0) 1 47 68 80 80
Fax: +33 (0) 1 47 88 97 85
e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED]
--------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
