Jens’ Soapbox. J Jensen, Rutherford Appleton Laboratory. Berlin, Sep 2009.


1. Jens’ Soapbox
- J Jensen, Rutherford Appleton Laboratory
- Berlin, Sep 2009

2. Soapbox History
- First official Soapbox on EU PMA agenda: Luminy, January 2005
- That was Soapbox part two
- Although I can’t believe there was a PMA where I didn’t speak?

3. Pre-Soapbox Soapbox I
- Praeterea Censeo
- Do not send CP/CPS to the list! Huge attachments are evil and rude
- Send pointers to CP/CPS

4. Pre-Soapbox Soapbox II
- For CA-issuing CAs (non-EE), aka HLCA
- Permit non-IGTF CAs in signing policy file
- Explicit or implicit naming
- Improves security, doesn’t weaken it
- Already backed by TAGPMA!

5. Pre-Soapbox Soapbox III
- Jens’ Great Guide to Good Grid Governance
- Non-technical but advanced writeup of soapbox (SJ lecture series)
- To be published as IGTF doc
  – or book

6. Pre-Soapbox Soapbox IV
- The role of the proxy
- Case: long-lived proxies being used to bypass the rules
- RP issue or CA issue? IGTF?

7. Questions in Quixotic Quest for Quotidian Quality
- The Soapbox proper: A Signatures Miscellany - mostly in the SJ series

8. Qui Quis Ubi Quibus Cur Quomodo Quando Auxilio
- Signatures are often permitted rather than supported
- But these are signatures in wider context
- Used for AUP, email
- Worth looking at, for the SJ (but also QQ)

9. Signatures: Assertions
- …assert the integrity of stuff
- …assert the timestamp of signature
- …assert the authenticity of the signer (source)
- …assert legal binding (ECA2000, 15(2)(a))

10. Assertions
- Explicit: stuff, time, who
- Implicit: intent
- Absent: why, context

11. Electronic vs Digital
- Conscious vs Automatic
- Conscious effort to make signature
  – Yes, this is my signature
  – Yes, I signed this stuff at that time
  – The stuff has not been changed
  – I cannot deny having signed it (much later)

12. Electronic vs Digital
- US: Digital is conscious
  – Electronic may be automatic
  – Or may be a scanned paper signature [ABA]
- UK/EU: Electronic is conscious
  – Or Electronic = Digital, synonymous
  – [ECA2000, EC/1999/93]

13. The Law
- Lots of stuff for electronic signatures
- Evidential weight: duty of care etc
  – BIP 0008
- Understand intent, not crypto
- “Classic signatures” understood

14. Signature Evaluation
- The question of Trust in certificate
- The question of trusting user’s intent
  – Usability vs Signalling intent
  – Frequency and training
  – Language, interface [johnny]
- The question of time

15. Signature Evaluation
- The Use in Controlled Environments
  – The Grid is a C.E.?
  – Other online equiv., banks, e-commerce

16. Signature Evaluation - Time
[Timeline diagram: Start … create … verify … End, labelled “Geography” and Timeliness; outcomes shown: Sig OK, Rev, invalid Sig]
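The slide only shows the timeline, so here is an added example (not from the talk) that makes the three assertions of slide 9 and the timeliness rule of slide 16 concrete. It assumes the rule the diagram’s labels suggest: a signature is OK only if it was created inside the signer’s certificate lifetime and before any revocation, and it stays OK even if the certificate has since expired or been revoked by the time of verification. Textbook RSA with two small, well-known primes is used so the block runs with the standard library alone; the key, timestamps, document and revocation date are all constructed for the demo, and the scheme is not a secure signature.

```python
# Added example: evaluate a signature over time (toy RSA, constructed data).
# Assertions checked: integrity of the stuff, the timestamp bound into it,
# and authenticity of the signer (the public key). Timeliness follows the
# assumed rule described in the lead-in.
import hashlib
from datetime import datetime, timezone
from typing import Optional

# Constructed toy key pair (textbook RSA, insecure sizes): 10000th and 100000th primes.
P, Q = 104729, 1299709
N = P * Q
E = 65537                              # public exponent with few bits: cheap verification
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (modular inverse, Python 3.8+)

def _digest_int(stuff: bytes, signed_at: datetime) -> int:
    # The timestamp is hashed together with the stuff, so the signature
    # asserts the time as well as the content. Reduction mod N keeps the toy
    # small; a real scheme would pad instead.
    msg = stuff + signed_at.isoformat().encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(stuff: bytes, signed_at: datetime, d: int = D) -> int:
    return pow(_digest_int(stuff, signed_at), d, N)

def verify_integrity(stuff: bytes, signed_at: datetime, sig: int, e: int = E) -> bool:
    # Authenticity of the signer: only the holder of D can produce a value
    # whose E-th power matches the digest.
    return pow(sig, e, N) == _digest_int(stuff, signed_at)

def evaluate(stuff: bytes, signed_at: datetime, sig: int,
             cert_start: datetime, cert_end: datetime,
             revoked_at: Optional[datetime], verify_at: datetime) -> str:
    """Return one of the outcomes on the timeline slide: 'OK', 'Rev' or 'invalid Sig'."""
    if not verify_integrity(stuff, signed_at, sig):
        return "invalid Sig"          # stuff or timestamp changed, or wrong key
    if not (cert_start <= signed_at <= cert_end):
        return "invalid Sig"          # created outside the certificate's lifetime
    if revoked_at is not None and signed_at >= revoked_at:
        return "Rev"                  # created after the key was revoked
    if verify_at < signed_at:
        return "invalid Sig"          # claimed creation time lies in the verifier's future
    return "OK"                       # timely creation; later expiry/revocation does not undo it

def demo() -> dict:
    # Constructed timeline: one-year certificate, revoked half-way through,
    # verification performed after the revocation.
    utc = timezone.utc
    cert_start, cert_end = datetime(2009, 1, 1, tzinfo=utc), datetime(2010, 1, 1, tzinfo=utc)
    revoked_at, verify_at = datetime(2009, 6, 1, tzinfo=utc), datetime(2009, 9, 1, tzinfo=utc)
    stuff = b"I accept the AUP"        # constructed document
    early = datetime(2009, 3, 1, tzinfo=utc)    # before revocation
    late = datetime(2009, 7, 1, tzinfo=utc)     # after revocation
    before = datetime(2008, 12, 1, tzinfo=utc)  # before the certificate starts
    sig_early, sig_late, sig_before = sign(stuff, early), sign(stuff, late), sign(stuff, before)
    window = (cert_start, cert_end, revoked_at, verify_at)
    return {
        "timely": evaluate(stuff, early, sig_early, *window),
        "after_revocation": evaluate(stuff, late, sig_late, *window),
        "tampered": evaluate(stuff + b"!", early, sig_early, *window),
        "before_cert": evaluate(stuff, before, sig_before, *window),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>17}: {outcome}")
```

The order of the checks matters: integrity first, because a failed integrity check means the timestamp inside the message cannot be trusted either, so none of the time comparisons are meaningful.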

17. Key Management
- Quality of generation
- Duty of care again in key lifecycle
- Same as yesterday’s robotbox
  – AuC, AuZ, log
- Leakage of key/other key threats
  – Cf. yesterday’s talk

18. Key Management
- Sysadmins and other privileged entities
- Key backups
- Escrow
- Proxies: loose cannons

19. Key generation and Escrow
- Are escrowed keys inherently less trusted for signatures?
  – ECA2000, 14(1)
- Are keys generated by (non-user) inherently less trusted?

20. Distance
[Diagram labels: Stuff (things to sign), Key (used to sign), Action, Interface, Usability]

21. Distance
[Diagram labels: Stuff (stuff to sign), Key (key to sign with), Freq, I/face (Interface), Language, Intent, Legal I/face]

22. The Trust Distance
[Diagram labels: W&F (“warm”, “fuzzy”), CA, Cert, Policy, Process. Image © STFC]

23. RP concerns
- User Distance To Key
- Concern for confidentiality of key
- Authorised and logged use of key
- Wider risk of “leakage”
- Perceived distance by user

24. RP Concerns
- How many people can access the private key
- Consequence of errors

25. RP Concerns: LoA
- Asked for (eg openid)
- Good enough today
- Required tomorrow
- Special apps areas
- Grid opens Finance, biomed
- Usability

26. Authorising Use of Key
- Value of signature may req diff LoA
- Individually authenticated (normal)
- Role (human robots, as it were)
- Dual control (eg root CA)
- Audited (eg CA)

27. Delegation of Authority
- Depending on m’ware support
  – And infrastructure
- Limit authority
- Cf. projects eg Stanford authority

28. Threshold of Invoking Recourse
- If something goes wrong, who to turn to
- What is the process
- Can it be invoked at level of wrongness
- Does it actually work
- Signature may be out of scope of CA
- Or not

29. Speed Considerations
- Longer chains are expensive
- RSA verifications are expensive-ish
  – Exponents with few bits help (public key: verification)
  – Shorter keys help
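An added example (not from the talk) that shows where the three bullets come from by counting work instead of timing it. Square-and-multiply needs one squaring per exponent bit and one multiplication per set bit, so a public exponent such as 65537 (two set bits, 17 bits long) costs a handful of modular multiplications, while a full-size private exponent costs thousands; each extra certificate in a chain adds another verification; and each modular multiplication gets cheaper as the modulus shrinks. The chain-cost figure assumes a schoolbook multiplication model (cost proportional to the square of the number of 64-bit words in the modulus), which is an assumption for illustration, not a measurement of any library.

```python
# Added example: count the modular multiplications behind RSA verification cost.
# The cost model in chain_cost() is an assumption (schoolbook multiplication).

def modexp_count(base: int, exp: int, mod: int):
    """Left-to-right square-and-multiply; returns (result, squarings, multiplications)."""
    if exp == 0:
        return 1 % mod, 0, 0
    bits = bin(exp)[2:]               # most significant bit first
    result = base % mod               # the leading 1 bit costs nothing
    squarings = multiplications = 0
    for bit in bits[1:]:
        result = result * result % mod
        squarings += 1
        if bit == "1":
            result = result * base % mod
            multiplications += 1
    return result, squarings, multiplications

def total_ops(exp: int) -> int:
    """Modular multiplications needed to raise to `exp`, independent of base and modulus."""
    _, sq, mul = modexp_count(2, exp, 7)   # tiny base/modulus: only the counts matter
    return sq + mul

def chain_cost(chain_len: int, e: int, modulus_bits: int) -> int:
    """Rough cost of verifying a chain: one exponentiation per certificate,
    each modular multiplication modelled as words**2 word multiplications
    (schoolbook; an assumption for illustration)."""
    words = -(-modulus_bits // 64)         # ceiling division
    return chain_len * total_ops(e) * words * words

def demo() -> dict:
    # Constructed exponents: the two common public exponents and a
    # 2048-bit pattern standing in for a private exponent (alternating bits).
    private_like = int("10" * 1024, 2)
    return {
        "e=3": total_ops(3),
        "e=65537": total_ops(65537),
        "2048-bit private exponent": total_ops(private_like),
        "chain of 3, e=65537, 2048-bit keys": chain_cost(3, 65537, 2048),
        "chain of 3, e=65537, 1024-bit keys": chain_cost(3, 65537, 1024),
        "chain of 5, e=65537, 2048-bit keys": chain_cost(5, 65537, 2048),
    }

if __name__ == "__main__":
    for label, cost in demo().items():
        print(f"{label:>38}: {cost}")
```

The same counting explains why signing (private exponent) is so much slower than verifying: a private exponent has no short form, so relying parties get the cheap side of the operation as long as the public exponent is kept small.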

30. The Confusion / Conclusion
- Layering reduces the WF
  – Exdirection
- Capturing intent is difficult
- Specific considerations useful in wider contexts
- LoWF

31. Refs
- R Anderson: Engineering…
- BIP 0008
- Why Johnny can’t encrypt [PGP]
- ECA2000, other dig sig stds.

