Split private Key

Michael Sierchio kudzu@tenebras.com
Wed Sep 12 18:20:01 2001


Clayton Haapala wrote:


> Why not encrypt the Certificate key, prior to splitting it
Encrypt the public key? Does not compute. Encryption is also not the same as splitting -- splitting is one way to ensure that more than N principals must act in concert to sign something -- and that signature might be an authorization to perform some action with security consequences. Of course "PKI" is not adequate as a trust management system -- it's concerned with authentication, but leaves authorization as an exercise for the reader. ;-) The right way to do this is have an authorization mechanism that requires K-of-N parties to sign a request for action. See: http://www.cs.yale.edu/homes/jf/usenix-ecom98.pdf http://www.tenebras.com/rfc/rfc/27/rfc2704.txt http://www.crypto.com/trustmgt/kn.html apache-ssl has a module that permits the use of KeyNote policies in access control.