1995-11-26 - Re: Cypherpunk Certification Authority

Header Data

From: chen@intuit.com (Mark Chen)
To: adam@lighthouse.homeport.org (Adam Shostack)
Message Hash: a02716a7cdf1cf76df847cbc683f98d869233ba59fb8b14c62ccfadf2c9d507f
Message ID: <9511260216.AA23306@doom.intuit.com>
Reply To: <199511252105.QAA08724@homeport.org>
UTC Datetime: 1995-11-26 02:26:44 UTC
Raw Date: Sun, 26 Nov 1995 10:26:44 +0800

Raw message

From: chen@intuit.com (Mark Chen)
Date: Sun, 26 Nov 1995 10:26:44 +0800
To: adam@lighthouse.homeport.org (Adam Shostack)
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <199511252105.QAA08724@homeport.org>
Message-ID: <9511260216.AA23306@doom.intuit.com>
MIME-Version: 1.0
Content-Type: text/plain



> | C) Don't settle for less than X.509 ver 3, because this allows the 
> | certificate to carry within it a reference to the location of the CRL 
> | list.  Use that feature.
> 
> 	Does X.509 version 3 fix the problem that Ross Anderson points
> out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
> ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)

I don't believe that it does.

For those who missed it, the problem is that the encryptor in an
encrypt-before-signing protocol is able to use his knowledge of the
factorization of the encryption modulus to compute a discrete log, and
forge another message for which the signature is also valid (after
registering the new exponent).

   - Mark -



--
Mark Chen 
chen@intuit.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C  CF 95 A5 B0 6E E0 1E 1D

Thread

• Return to November 1995

• Return to “Adam Shostack <adam@lighthouse.homeport.org>”
• Return to “Aleph One <aleph1@dfw.net>”
• Return to “Alex Strasheim <cp@proust.suba.com>”
• Return to “Andreas Bogk <andreas@artcom.de>”
• Return to “chen@intuit.com (Mark Chen)”
• Return to “Eric Young <eay@mincom.oz.au>”
• Return to “Jeff Weinstein <jsw@netscape.com>”
• Return to “Jyri Kaljundi <jk@digit.ee>”
• Return to “Laurent Demailly <dl@hplyot.obspm.fr>”
• Return to “Michael Froomkin <froomkin@law.miami.edu>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”

• Return to “sameer <sameer@c2.org>”

• 1995-11-25 (Sun, 26 Nov 1995 04:51:44 +0800) - Cypherpunk Certification Authority - Aleph One <aleph1@dfw.net>
  • 1995-11-25 (Sun, 26 Nov 1995 00:57:25 +0800) - Re: Cypherpunk Certification Authority - “Perry E. Metzger” <perry@piermont.com>
    • 1995-11-25 (Sun, 26 Nov 1995 01:45:59 +0800) - Re: Cypherpunk Certification Authority - sameer <sameer@c2.org>
    • 1995-11-25 (Sun, 26 Nov 1995 03:03:26 +0800) - Re: Cypherpunk Certification Authority - Andreas Bogk <andreas@artcom.de>
      • 1995-11-25 (Sun, 26 Nov 1995 04:29:09 +0800) - Re: Cypherpunk Certification Authority - Michael Froomkin <froomkin@law.miami.edu>
        • 1995-11-25 (Sun, 26 Nov 1995 05:09:38 +0800) - Re: Cypherpunk Certification Authority - Adam Shostack <adam@lighthouse.homeport.org>
          • 1995-11-26 (Sun, 26 Nov 1995 10:26:44 +0800) - Re: Cypherpunk Certification Authority - chen@intuit.com (Mark Chen)
    • 1995-11-25 (Sun, 26 Nov 1995 04:33:08 +0800) - Re: Cypherpunk Certification Authority - Aleph One <aleph1@dfw.net>
      • 1995-11-25 (Sun, 26 Nov 1995 05:48:21 +0800) - Re: Cypherpunk Certification Authority - Alex Strasheim <cp@proust.suba.com>
      • 1995-11-27 (Mon, 27 Nov 1995 19:20:22 +0800) - Re: Cypherpunk Certification Authority - Jeff Weinstein <jsw@netscape.com>
        • 1995-11-27 (Tue, 28 Nov 1995 00:37:11 +0800) - Re: Cypherpunk Certification Authority - Jyri Kaljundi <jk@digit.ee>
          • 1995-11-27 (Tue, 28 Nov 1995 01:39:42 +0800) - Re: Cypherpunk Certification Authority - Eric Young <eay@mincom.oz.au>
        • 1995-11-27 (Tue, 28 Nov 1995 01:08:16 +0800) - Re: Cypherpunk Certification Authority - sameer <sameer@c2.org>
      • 1995-11-27 (Tue, 28 Nov 1995 04:39:16 +0800) - Re: Cypherpunk Certification Authority - Laurent Demailly <dl@hplyot.obspm.fr>