[cryptography] How are expired code-signing certs revoked?

Jonathan Thornburg jthorn at astro.indiana.edu
Sun Dec 25 10:33:25 EST 2011


Jon Callas wrote:
> Nonrepudiation is a somewhat daft belief. Let me give a
> gedankenexperiment. Suppose Alice phones up Bob and says, "Hey, Bob,
> I just noticed that you have a digital signature from me. Well, ummm, I
> didn't do it. I have no idea how that could have happened, but it
> wasn't me." Nonrepudiation is the belief that the probability that
> Alice is telling the truth is less than 2^{-128}, assuming a 3K RSA
> key or 256-bit ECDSA key either with SHA-256. Moreover, if that
> signature was made with an ECDSA-521 bit key and SHA-512, then the
> probability she's telling the truth goes down to 2^{-256}.

On Sun, 25 Dec 2011, Florian Weimer wrote:
> Those numbers aren't really important.  In practice, Alice says, "my
> secretary signed those documents for me, without me actually knowing
> their contents".

There are other alternatives as well:
* Alice says "Yes, I clicked the 'sign' button, but the document on my
  screen didn't say 'transfer all my money to Bob', it said 'transfer
  my next month's rent to $landlord'.  Hmm, just as I was clicking the
  'sign' button a bunch of stuff flashed up on the screen for a fraction
  of a second, then went away before I could read it.  That kind of thing
  happens a lot with my computer these days.  It's really irritating,
  isn't it?  But on the positive side, look at these cute dancing bunnies
  I downloaded a few weeks ago."
* Alice says "Hey, Bob, I just noticed that you have a digital signature
  from me. Well, ummm, I didn't do it. I have no idea how that could have
  happened, but it wasn't me.  I don't even know what a digital signature
  is, so I'm really really doubtful that I ever did one.  Hey, look at
  these cute dancing bunnies I downloaded a few weeks ago."

In practice, a digital signature establishes a binding between some 
piece of software which knows Alice's private key, and some bit-string
(a "document").  But the legal system wants a binding to Alice's conscious
intent, which is a *very* different thing.

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "Washing one's hands of the conflict between the powerful and the
    powerless means to side with the powerful, not to be neutral."
                                      -- quote by Freire / poster by Oxfam
