[cryptography] How are expired code-signing certs revoked?
pgut001 at cs.auckland.ac.nz
Wed Dec 7 16:38:55 EST 2011
Marsh Ray <marsh at extendedsubset.com> writes:

>Originally, public key systems were said to deliver this property of
>'nonrepudiation', meaning a digital signature could effectively authenticate
>the intent of the party associated with the private key.

Uhh, they were never said to deliver this property by anyone who knew anything
about law, they were simply declared to have it by mathematicians and
The term "repudiation" has a specific legal meaning but this has nothing to
do with the use of the term in certificates, and there seems to have been
little to no input from lawyers into the PKI standards that were meant to be
used for digital signatures (it's always amusing watching heated arguments
in standards groups over what both sides think that lawyers might advise if
they actually asked them). In particular, disabusing geeks of the notion
that what's referred to in crypto/PKI theory as nonrepudiation actually
means anything in a real-world legal context is really, really hard. Geeks
really want to believe in the magic of cryptography.

In recognition of this, X.509 some years ago stopped even pretending that
digital signatures provided nonrepudiation. The certificate flag that used to
be nonRepudiation is now called contentCommitment to indicate it's for a long-
term signature, while digitalSignature is for a short-term signature like
authenticating for an online service.

(There's a lot more to the NR/CC saga than that, very few implementers seem to
have got the memo about NR = CC and everyone just uses digitalSignature for
everything, see the "magic of cryptography" comment in the excerpt above).
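Added example, not code from the original post or from any project it mentions: a small pure-Python encoder/decoder for the X.509 keyUsage BIT STRING, naming bit 1 contentCommitment (RFC 5280 still lists that bit as nonRepudiation, with a note that X.509 renamed it) and accepting the old name as an alias. The DER byte strings in the usage section are constructed for this example; `signature_intent` is a hypothetical helper that applies the long-term/short-term distinction the post describes.

```python
# Added example (not from the original post): encode and decode the DER
# keyUsage BIT STRING from RFC 5280 section 4.2.1.3, treating bit 1 as
# contentCommitment (the bit formerly called nonRepudiation).
from typing import List

# Bit positions as defined in RFC 5280 section 4.2.1.3 (KeyUsage ::= BIT STRING).
KEY_USAGE_BITS = {
    0: "digitalSignature",
    1: "contentCommitment",  # formerly nonRepudiation: same bit, new name
    2: "keyEncipherment",
    3: "dataEncipherment",
    4: "keyAgreement",
    5: "keyCertSign",
    6: "cRLSign",
    7: "encipherOnly",
    8: "decipherOnly",
}
NAME_TO_BIT = {name: bit for bit, name in KEY_USAGE_BITS.items()}
# Old name still found in many implementations and documents (NR = CC).
ALIASES = {"nonRepudiation": "contentCommitment"}


def decode_key_usage(der: bytes) -> List[str]:
    """Decode a DER BIT STRING holding keyUsage into the names of the set bits.

    DER layout: tag 0x03, short-form length, one byte giving the number of
    unused trailing bits, then the bit data with bit 0 in the MSB of byte 0.
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80:
        raise ValueError("long-form length is not expected for keyUsage")
    body = der[2:2 + length]
    if len(body) != length or len(der) != 2 + length:
        raise ValueError("BIT STRING length does not match input")
    unused, data = body[0], body[1:]
    if unused > 7 or (not data and unused != 0):
        raise ValueError("invalid unused-bits count")
    total_bits = len(data) * 8 - unused
    names = []
    for bit in range(total_bits):
        if data[bit // 8] & (0x80 >> (bit % 8)):
            names.append(KEY_USAGE_BITS.get(bit, f"bit{bit}"))
    return names


def encode_key_usage(names: List[str]) -> bytes:
    """Encode a list of keyUsage names as a minimal DER BIT STRING.

    DER requires trailing zero bits of a named bit list to be dropped, so the
    unused-bits byte is derived from the highest set bit.
    """
    bits = sorted({NAME_TO_BIT[ALIASES.get(n, n)] for n in names})
    if not bits:
        return bytes([0x03, 0x01, 0x00])
    nbytes = bits[-1] // 8 + 1
    data = bytearray(nbytes)
    for b in bits:
        data[b // 8] |= 0x80 >> (b % 8)
    unused = nbytes * 8 - (bits[-1] + 1)
    body = bytes([unused]) + bytes(data)
    return bytes([0x03, len(body)]) + body


def signature_intent(der: bytes) -> str:
    """Hypothetical helper: classify the signing purpose a keyUsage asserts.

    Follows the distinction in the post: contentCommitment marks a long-term
    signature, digitalSignature alone marks a short-term (authentication)
    signature. It does not claim any legal meaning for either.
    """
    names = decode_key_usage(der)
    if "contentCommitment" in names:
        return "long-term"
    if "digitalSignature" in names:
        return "short-term"
    return "none"


if __name__ == "__main__":
    # Constructed sample values (hex of the DER keyUsage extension value).
    for hexval in ("03020780", "030206c0", "03020106", "0303078080"):
        print(hexval, decode_key_usage(bytes.fromhex(hexval)),
              signature_intent(bytes.fromhex(hexval)))
    print(encode_key_usage(["digitalSignature", "nonRepudiation"]).hex())
```

The common value `03 02 07 80` (digitalSignature only) decodes to a short-term signing key, while `03 02 06 c0` additionally sets bit 1; passing the old name `nonRepudiation` to the encoder produces the same bytes as `contentCommitment`, which is the NR = CC point the post makes.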