PKI Logic

In the notes, Tyler Close and Ben Laurie say that the common browsers require that the “name in the cert” match the domain name in the URL when they access a page with https. I hope that they are right. In the following I walk thru the security situation with that assumption.

What does a PKI client require of the PKI? I think only that the client’s “distinguished name” not be bound to any public key but his own, or at least not by any CA likely to be trusted by his correspondents. Global registration of such names seems to be necessary and sufficient for this, for some concept of “global”. This is a substantial problem that entirely disappears when the public key itself, or its hash, is taken as the distinguished name. You need not get the whole world to agree with you, merely the SSL builders and deployers.

It seems a lot to ask of any institution to be sure that some “distinguished name” has not appeared in the cert of another CA, and that the current request, along with new public key, should be granted. I don’t accuse the PKI of maliciousness, or incompetence, but merely of having an infeasible charter.
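
The contrast drawn in the two paragraphs above, as an added sketch that is not part of the original notes. The CA sets, the name "alice.example" and the key byte strings are constructed stand-ins, not real certificates or keys, and each CA is modelled only as the set of name-to-key bindings it has signed.

```python
import hashlib
import hmac

# Constructed stand-ins for encoded public keys (assumption: not real keys).
ALICE_KEY = b"constructed-public-key-of-alice"
OTHER_KEY = b"constructed-public-key-of-someone-else"

# Hypothetical CAs, each reduced to the (name, key) bindings it has signed.
CA_ONE = {("alice.example", ALICE_KEY)}
CA_TWO = {("alice.example", OTHER_KEY)}  # same name, different key


def accept_by_ca(name, presented_key, trusted_cas):
    """Name-in-cert model: accept if ANY trusted CA bound this name to this key."""
    return any((name, presented_key) in ca for ca in trusted_cas)


def key_name(public_key):
    """Hash-as-name model: the distinguished name is derived from the key."""
    return "sha256:" + hashlib.sha256(public_key).hexdigest()


def accept_by_hash(name, presented_key):
    """Accept only the key whose hash is the name; no registry is consulted."""
    expected = key_name(presented_key).encode()
    return hmac.compare_digest(name.encode(), expected)


def keys_accepted_for(name, candidates, check):
    """Return the candidate keys a client would accept for `name`."""
    return [k for k in candidates if check(name, k)]


if __name__ == "__main__":
    candidates = [ALICE_KEY, OTHER_KEY]
    trusted = [CA_ONE, CA_TWO]
    # With two trusted CAs that never compared notes, both keys pass.
    by_ca = keys_accepted_for(
        "alice.example", candidates,
        lambda n, k: accept_by_ca(n, k, trusted))
    # With the hash as the name, exactly one key can ever pass.
    by_hash = keys_accepted_for(key_name(ALICE_KEY), candidates, accept_by_hash)
    print(len(by_ca), "keys accepted by CA lookup;",
          len(by_hash), "accepted by hash name")
```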

I suppose that it is impractical to get browsers changed.

I have ignored an important function of the PKI here. Sorry. That function is to map the trust that people have gained “in the real world” to appropriate trust in cyberspace objects. I must consider that situation as well. The arguments above implicitly assumed that trust followed digitally signed recommendations from trusted correspondents.