Don't forget there are security vulnerabilities in X.509v3. Ross Anderson's 'Robustness Principles' paper discusses the weakness of sign after encrypting. In the Crypto '95 proceedings, or on his web site. Adam Carl Ellison wrote: | It really bothers me whenever I see someone mouthing plattitudes | about certificates, like: | | >The ITU-T, through X.509, recommend strong authentication based on public | >key cryptosystems as the basis for providing secure services. The ISODE | >Consortium uses X.509 as the core of its security strategy. | >X.509 provides a flexible, scaleable and manageable algorithm-independent | >authentication infrastructure, which can be used as the basis for a wide | >range of security services such as message encryption and access control. | | Fact is, identity certification (which is what X.509 gives) is neither | necessary nor sufficient for providing secure services -- and there's | nothing magic about X.509. | | There are marketeers, however, who want the world to believe that the | generation and use of X.509 certs will somehow give you security -- so they | can sell machinery or a service which makes those certs. | | - Carl | | P.S. My USENIX paper giving the case against certification authorities is | on-line now at <ftp://ftp.clark.net/pub/cme/usenix.ps> = | <http://www.clark.net/pub/cme/usenix.ps> | | +------------------------------------------------------------------+ | |Carl M. Ellison cme@acm.org http://www.clark.net/pub/cme | | | PGP 2.6.2: 61 E2 DE 7F CB 9D 79 84 E9 C8 04 8B A6 32 21 A2 | | +-Officer, officer, arrest that man. He's whistling a dirty song.--+ | -- "It is seldom that liberty of any kind is lost all at once." -Hume