From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Wed, 23 Aug 95 09:31:04 PDT
To: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Re: Certificates/Anonymity/Policy/True Names
Message-ID: <9508231630.AA01613@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


Michael Froomkin writes:
[...hypothetical screwups by CA leading to lawsuits snipped...]
>  Since (in the absence of any rules given the newness of the
>  technology) it is very likely that a rich CA would get nuisance
>  suits every time a deal in which it particiapted went sour, the
>  absence of rules will either raise costs CAs have to charge (e.g.
>  to buy insurance) or will keep rich folk out of the industry (which
>  isn't good either, since you want CAs to buy security and to last).
>  Thus the need for clear liability rules.

What about when the CA signing key is stolen, factored, or otherwise falls  
into the wrong hands, thereby possibly making every signature made by the CA  
worthless, or at least questionable?

I assume liability will be based on the CA's efforts to ensure the integrity  
of the signatures it makes (and therefore the confidentiality of the secret  
key components), but what constitutes due diligence?  As we all know,  
security measures cover a very wide range and can reach ridiculous  
proportions on both ends of the spectrum...  How much security will be  
'enough' from a legal standpoint...?


andrew