Getting a KeyPOST Digital Certificate - Part 1 - Applying

Mandy_Cramer@hr-m.b-m.defence.gov.au Mandy_Cramer@hr-m.b-m.defence.gov.au
Wed, 19 Aug 1998 15:54:30 +1000 


said:

>>Although self generated private key is assumed to be vital, its
>>actually provably weaker.* users use free to air s/w like pgp which >>is
great, but trivially easy to subvert. its s/w. its much harder to >>ensure
s/w randomness is real.


The PKAF Task Force and Gatekeeper were both concerned with this - NEVER
from a 'key escrow' point of view but from it being a 'weak link'

>>I think you'll find that PKAF right now assumes key generation by the
>>allocator is vital to ensure standards are met. Not for escrow,
>>although that is also part of the equation.

In our PKAF report we said that "A user's public/private key pair may be
generated by the user or by an entity for the user, provided the key pair
is generated using a consistent and trusted method. (it continues on
further - refer 3.3.1)  We were trying to steer people to sufficiently
'strong' generation mechanisms.

Gatekeeper acknowledged self generated keys for non-government users.
(except for the CAs themselves who require keys from an accredited entity
in the GPKA).  I think I recall that also mentioned is a requirement, with
self generated keys, the CAs should have a mechanism, using the presented
public key,  that would verify that user was the legitimate holder of the
private key.

The other reservation was that the Commonwealth reserved the option to
"refuse to accept them" - badly worded - we meant - accepting a
'transaction' that meant "unacceptable liability" might accrue to the
Commonwealth or where it involved the "protection of national classified
material".

>>And of course, nothing stops you using the auspost key to exchange >>some
other token you really want to use for crypto, or using it for >>identity
alone, and doing diffie-helman or elliptic curve to select >>specific keys
for the crypto.

Gatekeeper recommends 2 key pairs.  One set for signature only, to "provide
added protection to the integrity of a user's authentication digital
signature.  There are no lawful curcumstances where users should be
required to surrender their signature key pair."  The other would be used
for key exchange.

regards,  Mandy Cramer