Certificates

Besides providing a guarantee of authenticity, the security scheme must allow a non-repudiable record of the transaction to be made.

The need for such a scheme may be seen from the conference registration forms:

  1. Fill in form.
  2. Form is checked and presented to the user for confirmation.
  3. User confirms request.

The multiple submit actions required are unsatisfactory. It would be preferable to implement this confirmation within the client.

This example demonstrates the need for purpose-specific signatures. For example, a user should have the option of being informed before being committed to pay money. It should be expected that a user will have multiple signatures for different purposes. One mechanism for dealing with this problem would be to define signature capabilities such as Identify, Payment, Delegate, etc.

Ordering Goods.

Home shopping paradigm

  1. Visit page describing goods.
  2. Decide to buy.
  3. Fill in form.
  4. Submit form with payment authority to vendor.
  5. Review acceptance of the order.

Issues:

Business order paradigm

  1. Visit page describing goods.
  2. Decide to buy.
  3. Fill in form.
  4. Submit form to accounts department for payment authority.
  5. Accounts department review, request required counter signatures, etc.
  6. Receive reply from accounts with authorisation.
  7. Submit order.

Issues:

Use of Standalone Certificates.

A standalone certificate is a signed object.

Example Certificate

Digest-Boundary: RSA-MD5, Random string
Start-Date: 01 Jan 1994
Expiry-Date: 31 Dec 1994
Hardware-Id: hardware address of machine
Message-URI: URI of optional external message
MIC-Info: RSA-MD5, digest of the external message
MIC-Head: RSA, RSA-MD5, signed digest of the external body

The form of a message certificate should enable it to be stored with the signed object and used to create a message header.

A certificate might incorporate additional, contract-specific information through additional X- format headers.
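As an added illustration (not code from the original page), the sketch below parses a certificate in the header form shown above, separates X- extension headers, and checks the validity period and the MIC-Info digest against the external message. The hex digest encoding, the sample values and the function names are assumptions; the RSA signature carried in MIC-Head is not verified here, and MD5 appears only because the example certificate names it.

```python
import hashlib
from datetime import date, datetime

def parse_certificate(text):
    """Split 'Name: value' lines into standard fields and X- extension fields."""
    fields, extensions = {}, {}
    for line in text.strip().splitlines():
        name, sep, value = line.partition(":")   # first colon only: URIs contain colons
        name, value = name.strip(), value.strip()
        if not sep or not name:
            raise ValueError(f"malformed header line: {line!r}")
        target = extensions if name.upper().startswith("X-") else fields
        if name in target:
            raise ValueError(f"duplicate header: {name}")  # ambiguous, so reject
        target[name] = value
    return fields, extensions

def check_certificate(text, message, today):
    """Return a list of problems; an empty list means every check passed."""
    fields, _ = parse_certificate(text)
    problems = [f"missing {h}" for h in ("Start-Date", "Expiry-Date", "MIC-Info")
                if h not in fields]
    if problems:
        return problems
    start = datetime.strptime(fields["Start-Date"], "%d %b %Y").date()
    expiry = datetime.strptime(fields["Expiry-Date"], "%d %b %Y").date()
    if not start <= today <= expiry:
        problems.append("outside validity period")
    algorithm, _, digest = (p.strip() for p in fields["MIC-Info"].partition(","))
    if algorithm != "RSA-MD5":
        problems.append(f"unsupported digest algorithm: {algorithm}")
    # Assumption: the digest is the hex-encoded MD5 of the external message bytes.
    elif hashlib.md5(message).hexdigest() != digest.lower():
        problems.append("message digest mismatch")
    return problems

# Constructed sample data, not taken from the page.
MESSAGE = b"Register one attendee for the conference.\n"
SAMPLE_CERT = "\n".join([
    "Digest-Boundary: RSA-MD5, constructed-boundary",
    "Start-Date: 01 Jan 1994",
    "Expiry-Date: 31 Dec 1994",
    "Hardware-Id: constructed-hardware-id",
    "Message-URI: http://example.org/registration.txt",
    "MIC-Info: RSA-MD5, " + hashlib.md5(MESSAGE).hexdigest(),
    "X-Order-Ref: constructed-0001",
])

if __name__ == "__main__":
    print(check_certificate(SAMPLE_CERT, MESSAGE, date(1994, 6, 1)))
```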

Phillip M. Hallam-Baker, CERN ECP PTG hallam@alws.cern.ch
Henrik Frystyk Nielsen, CERN CN, frystryk@ptsun00.cern.ch
Ari Luotonen, CERN ECP (Now at Mosaic Communications Corp)