[caops-wg] Name Constraints - attempt at framing issues

Von Welch vwelch at ncsa.uiuc.edu
Fri Oct 14 11:21:56 CDT 2005


David,

I think part of the issue here is that trust is not binary. I trust a  
CA to do certain things. The reason why we are discussing Name  
Constraints is that they are a way to express the limitations of that  
trust.

Von



On Oct 14, 2005, at 9:15 AM, David Chadwick wrote:

>
>
> Cowles, Robert D. wrote:
>
>>
>>
>>> 1) What CAs do we wish to consider as potential issuers for our
>>> community? Is it just "Grid CAs" (by that I mean CAs we can
>>> reasonably expect to adhere to best practices as specified by
>>> GGF WGs) or do we want to also consider CAs that we have no
>>> reasonable expectation of being able to impact their policies or
>>> procedures (e.g. commercial CAs) as potential issuers for our
>>> community as well?
>>>
>> I think that if we are successful, all this will be used in ways
>> we can't now imagine or, in the future, control.  To me, the idea  
>> of depending on CA's to issue certificates for DNs that are globally
>> unique is just asking for trouble.
>>
>
> Trusted third parties that cannot be trusted!! Why are we bothering  
> with them? Building a whole trust infrastructure on untrusted TTPs  
> is a pointless exercise in futility.
>
> regards
>
> David
>
>
>> Administrative controls to
>> keep the namespaces separate are clearly not good enough. The signing
>> policy file is a technical control but it still seems pretty weak.
>> To me, the thing that is unique is (DN + CA) and the function of the
>> CA is to try its best to not issue a cert with the same DN to
>> different people. I would be happy if they can do just that and I
>> think it unreasonable to believe that the DN is unique in the
>> universe (or even a small section thereof). The signing policy
>> files basically allow us to say - given this DN, it should have been
>> issued by that CA - and as far as I can see, it's because the CA
>> isn't stored in the gridmapfile (and maybe it's not there because
>> the DN was supposed to be unique - but that was 8-10 years ago, and
>> we know better now).
>>
>>> 2) Do we believe that during normal operation the CAs indicated
>>> in the response to the first question have policy that will
>>> result in their issuing globally unique names and will reliably
>>> follow that policy?
>>>
>> I think it's not true in "normal operation" and that any
>> moderately talented attacker would be able to generate a condition
>> outside of "normal operations" and get *someone* to issue a certificate
>> with any DN they chose.
>>
>>> 3) If a CA is compromised, given current implementations, this
>>> will
>>>
>> (my comments here were in an earlier email).
>>
>
> -- 
>
> *****************************************************************
> David W. Chadwick, BSc PhD
> Professor of Information Systems Security
> The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
> Tel: +44 1227 82 3221
> Fax +44 1227 762 811
> Mobile: +44 77 96 44 7184
> Email: D.W.Chadwick at kent.ac.uk
> Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
> Research Web site: http://sec.cs.kent.ac.uk
> Entrust key validation string: MLJ9-DU5T-HV8J
> PGP Key ID is 0xBC238DE5
>
> *****************************************************************
>
>
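As an added example, not code from the thread, from Globus or from any CA: a minimal checker for the (DN + CA) binding that Robert Cowles describes, parsing a constructed policy written in the style of the Globus signing_policy file and then consulting a constructed grid-mapfile that, as the thread notes, is keyed on the DN alone. All DNs, CA names and the local account are made up.

```python
import fnmatch
import shlex

# Constructed sample in the style of a Globus signing_policy file.
# Each CA may sign only subjects inside the namespace patterns it is given.
SIGNING_POLICY = """
# Grid CA A: confined to its own organisation's namespace
access_id_CA  X509  '/C=US/O=GridLab/CN=GridLab CA'
pos_rights    globus CA:sign
cond_subjects globus '"/C=US/O=GridLab/*"'

# Grid CA B: likewise, with two permitted namespaces
access_id_CA  X509  '/C=UK/O=eScience/CN=eScience CA'
pos_rights    globus CA:sign
cond_subjects globus '"/C=UK/O=eScience/*" "/C=UK/O=eScience-Test/*"'
"""

def parse_signing_policy(text):
    """Return {issuer_dn: [subject_pattern, ...]} from signing_policy text."""
    policy, issuer = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)          # honours the single-quoted DN
        if fields[0] == "access_id_CA":
            issuer = fields[2]
            policy.setdefault(issuer, [])
        elif fields[0] == "cond_subjects" and issuer is not None:
            # fields[2] is the inner '"pat1" "pat2"' group; split it again
            policy[issuer].extend(shlex.split(fields[2]))
    return policy

def issuer_allowed(policy, issuer_dn, subject_dn):
    """The 'given this DN, it should have been issued by that CA' check:
    true only if issuer_dn is listed and one of its namespaces covers subject_dn."""
    return any(fnmatch.fnmatchcase(subject_dn, pat)
               for pat in policy.get(issuer_dn, []))

# Constructed grid-mapfile: DN -> local account, with no record of the CA.
GRIDMAP = {"/C=US/O=GridLab/OU=People/CN=Alice": "alice"}

def map_to_local_user(policy, issuer_dn, subject_dn):
    """Map a certificate to a local account only after the (DN + CA) pair
    passes the signing policy; a DN-only lookup accepts the same DN from any CA."""
    if not issuer_allowed(policy, issuer_dn, subject_dn):
        return None
    return GRIDMAP.get(subject_dn)
```

The policy still only confines each CA to a namespace; it cannot stop a CA from issuing two certificates with the same DN inside its own namespace, which is the residual weakness the thread points at.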