Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI

[Lincoln Yeoh <lyeoh () POP JARING MY>]

At 01:16 PM 8/25/00 -0500, Timothy J. Miller wrote:
> Christoph Puppe <christoph.puppe () DEFCOM-SEC COM> writes:
>
> > > smartcard-enabled company, when the CEO forgets his smartcard at home
> > > are *you* going to tell him that he *must* drive home and get it, or
> > > are you simply going to snatch his private key from escrow and issue
> > > him a temporary card?
>
> >   He should fire you if you don't.
>
>        *You* know that and *I* know that, but this is *exactly* the
> approach being taken by most private PKI rollouts.

I disagree that some form of escrow is a bad idea in a corporate environment.

For example the key itself or a master key could be split (Blakely Shamir
style) and then encrypted and escrowed with multiple entities - e.g. board
members, company safe.

So you need a whole bunch of people to recreate the key, but it is still
possible. And if the CEO keeps losing the key or forgetting the passphrase,
the board members are going to get rather annoyed ;).

With this approach if the CEO's smartcard is not available or the CEO is
incapacitated, things can still be done.

Whether corporations should exist as entities on their own is a different
matter :).

Cheerio,
Link.