[cap-talk] Bundling an Organization's certs with the Petname toolbar

dmercer at email.arizona.edu dmercer at email.arizona.edu
Sat Feb 26 17:42:32 EST 2005 

Quoting Jed at Webstart <donnelley1 at webstart.com>:

> All,
>
> Perhaps after my previous message where I tried
> to clarify the identity function that I believe the
> Petname toolbar is providing it might be reasonable
> to discuss the "bundling" of an identity (e.g.
> Amazon.com)  to Organization (O): Amazon.com Inc.

Yes, as the Organization (O) attribute MAY or may not
be present (I should perhaps insert a <Standards-ese> tag
at the start of this sentence!) See:
http://www.faqs.org/rfcs/rfc3739.html

Specific comments below, which mostly turn out to be
open questions (examination of a large number of certs
from different CAs in the wild may be necessary to figure
out what the best things to bind a petname to are)

> I believe that if the Petname does the binding to
> the Organization (O) in the certificate as signed
> by a single certificate authority and the organization
> trusts (there's that word again - used in the common
> English sense) the certificate signing authority
> to not mix organizations (that is not to sign a
> certificate request with one Organization name
> if gets the request from a different Organization),
> then having the Petname toolbar bind to the
> Organization/CA pair in the certificate rather than to
> the key hash will be safe.

Here's the relevant bits from RFC 3739, which imply for SSL certs
that you're only guaranteed to have a Distinguished Name (DN),
at least one of commonNane, givenName or pseudonym, and of course
ssl certs must have a domainComponent, but that's all you have to have.
Organization (O) may or may not be there!

 From RFC 3739:
<blockquote>3.1.2.  Subject

    The subject field of a certificate compliant with this profile SHALL
    contain a distinguished name of the subject (see 2.4 for definition
    of distinguished name).

    The subject field SHALL contain an appropriate subset of the
    following attributes:

       domainComponent;
       countryName;
       commonName;
       surname;
       givenName;
       pseudonym;
       serialNumber;
       title;
       organizationName;
       organizationalUnitName;
       stateOrProvinceName; and
       localityName.

    The domainComponent attribute is defined in [RFC 2247], all other
    attributes are defined in [RFC 3280] and [X.520].

    Other attri<butes MAY also be present; however, the use of other
    attributes MUST NOT be necessary to distinguish one subject name from
    another subject name.  That is, the attributes listed above are
    sufficient to ensure unique subject names.

    Of these attributes, the subject field SHALL include at least one of
    the following:

       Choice   I:  commonName
       Choice  II:  givenName
       Choice III:  pseudonym</blockquote>

> In some ways it seems that the user can be safe
> in developing a relationship with the Petname'd
> entity in that in some sense even if the remote
> entity isn't worthy of the trust by virtue of itself
> using an untrustworthy CA, then its still the
> remote entity that is ultimately betraying any
> trust - just as if it had subcontracted any other
> service that it performed.

I agree.  If we can thrash out a 100% unique binding for PetNames
for current ssl certs, that'd be great!  binding to (CA, O) is a
great start, but won't always work.  Although perhaps the mere
lack of an Organization field should in itself be enough to set off
red flags!

> If there's debate about this bundling then I think we should
> discuss it separately from all the discussion about
> terminology and such.  I believe this is more of
> a technical issue that we might be able to come to
> some consensus on.  I was a bit surprised how
> quickly Tyler jumped on this idea and put it into
> the prototype Petname toolbar implementation.
> Perhaps we should find out if there's disagreement
> about that choice.

I think so too.  I just think that the binding choice may need
to be refined a bit.  It strikes me that personally operated sites
may be the ones least likely to have an (O) attribute, but I don't
know of any personal site running anything with an ssl cert.  If they
were self-signed httpsy or similar certs, that'd be a different story, and
then we might care more about that.

-David Mercer

More information about the cap-talk mailing list