Today's PKI Issues Concall

[Steve Hanna <steve.hanna@sun.com>]

In preparation for today's PKI TC Issues SC concall
(scheduled for 2:00 PM EST, I believe) I have reviewed
the comments received since our last concall. Of course,
we still have lots of comments with recommendations left
over from last week's Issues SC concall that we still
need to discuss. But in the interests of keeping up with
comments, here are the ones that I have seen since then.

I believe that both of these comments are in areas that
I signed up for, so I have also supplied a commentary
and recommendation for each one. We can discuss these
after all the ones left over from our last meeting,
if we have time.

If you have seen any other comments that aren't on our
lists, please send them on.

Thanks,

Steve

--------

anders.rundgren@telia.com-2003-11-23-Guidelines-7

Brief Quote:
  Practically every aspect of client-side Web-PKI, ranging from
  on-line key generation and certification support, to on-line
  (web-form) signing, is currently entirely vendor-dependent.

  [The commenter then goes on to suggest that standards should
  be developed in these areas and widely implemented.]

Commentary/Recommendation:
  The PKI Action Plan already calls for the development of
  specific standards or profiles for document signing (including
  form signing). In our last TC meeting, we added language
  stating that certificate management is also a concern. So I
  don't think that any changes to the PKI Action Plan are
  required. This comment can be passed on to those who will
  be working on the Application Guidelines Action Item.

Terry.Jones@vac-acc.gc.ca-2003-11-17-General-18

Brief Quote:
  I agree that PKI is an enabling technology, and that efforts
  have to be made to make better use of the advantages it
  provides. The proliferation of viruses and worms carrying
  keystroke loggers and remote control applications should
  cause users to assume that their PC may be compromised. This
  may drive the need for better assurances that the end user
  is who they say they are, and electronic exchanges are what
  they appear to be. PKI and supporting technologies can offer
  solutions.

Commentary/Recommendation:
  I'm glad the commenter agrees that we should use PKI more.
  I share his concern about workstation compromise, but I'm
  not so confident that PKI will help address that. In fact,
  combining compromised workstations with user certificates
  seems especially dangerous since the workstation can easily
  perform unauthorized operations using the user's private key.

  The techniques I'm aware of to reduce the threat of workstation
  compromise include: firewalls, anti-virus and malware protection,
  improving software quality, limiting software privileges through
  fine-grained privilege and memory protection, using a secure
  limited-function device to perform high-risk operations,
  physical security, code signing, trusted hardware platforms,
  and auditting and intrusion detection to detect workstation
  compromise. PKI can be part of some of these, but it isn't
  typically the main part.

  I recommend that we contact the commenter, thank him for his
  comments, and ask for clarification about his suggestion that
  PKI can offer solutions to workstation compromise.

S/MIME Cryptographic Signature