[OT] CAs: A Story

J Horacio MG homega@ciberia.es (Horacio)
Sun, 23 Jan 2000 01:11:47 +0100


I saw a posting on a supposedly system-independent pgp list in Spanish
(well, you know, independent but just windoze and pgp-nai talk), and I
found it puzzling.

The poster complained that, after having sent his public key to a CA
(namely Thawte) they returned his key (previously uploading it in a
keyserver) not just signed, but with an extra uid.  Never gave thought
to this, but checking through my pubring I found this to be common
practice (I thought CAs were just about signing keys).

The explanation Thawte allegedly gave was the following:

" The PGP manual is misleading, I'm afraid. Anybody can create any
" identity for any key and sign it. Just like anybody can associate any
" name with any key in an X.509 certificate. The PGP formats are
" documented in a series of RFC's, and anybody who writes software
" compliant with those RFC's could do this. Now, to "self-sign" the Thawte
" Freemail member identity is impossible without your private key. That's
" why the "Thawte Freemail member" identity is signed by Thawte.

Oh well, the guy was angry as he was sure he only sent his public key in
first instance.  But please, read on:

" In theory, we could issue a revokation certificate for our signature on
" that identity, but this would mean that we'd need to develop support for
" a new format of PGP signature, and we don't have any plans to do that
" right now. Perhaps if corporates start to use PGP there will be demand
" for revokation in the PGP format.

Mmmmh... perhaps someone should tell these guys there's no need to
reinvent the wheel ... or is this not possible with GnuPG?  Ha!  if I'm
right there's room here for some fun here.

" The "Thawte Freemail Member" identity does not alter or change your key
" in any way. It is just another identity certificate associated with the
" key. People who do not trust Thawte will not see that as a valid
" identity.

Vaya, vaya... I'm a bit confused now.  I haven't paid much, if any,
attention to CAs so far, but this sounds to me like key "screwing".

Now, the Spanish guy goes on saying he's absolutely sure he *did not
give away his secret key*, but concerned about having compromised his
key through "signing and sending back to Thawte a small hexadecimal
string generated during the certification process".

Can anyone give some insight on the above tale?


Horacio					Anno MMDCCLIII ad Urbe condita
homega@ciberia.es			Valencia - ESPAŅA
Key fingerprint = F4EE AE5E 2F01 0DB3 62F2  A9F4 AD31 7093 4233 7AE6