A Tour of the VeriSign Digital ID Center

VeriSign opened its Digital ID service during the summer of 1996. The center is located at http://digitalid.verisign.com/. Its home page is shown in Figure 8.2.

Figure 8-2. VeriSign’s Digital ID Center opened for business during the summer of 1996

Generating a VeriSign Digital ID

VeriSign distributes digital certificates (called digital IDs by VeriSign) from its web site. As of December 1996, the web site could create digital certificates for Microsoft’s Internet Explorer, Netscape Navigator, and RSA’s Secure MIME format (see Figure 8.3).

Figure 8-3. The VeriSign certificate creation process consists of six steps:

The VeriSign certificate creation process consists of six steps:

  1. You select a Class 1 Digital ID or a Class 2 Digital ID. (For an explanation of these classes, see “VeriSign’s Class System” later in this chapter.)

  2. You provide identifying information to establish who you claim to be. For a Class 1 Digital ID, VeriSign requires:

    • First name or alias

    • Last name

    • Email address

    Only the email address is validated.

    For a Class 2 digital ID, VeriSign requires:

    • Email address

    • First name

    • Middle initial

    • Last name

    • Suffix

    • Mailing address: street name and number

    • Apartment or unit number

    • City

    • State or province

    • Zip code or postal code

    • Country

    • Date of birth

    • Social security number

    • Driver’s license number

    • Home phone number

    • Spouse’s first name

    • Employer

    • Previous address (street, apartment, city, state, zip, and country)

    VeriSign validates enough of the information so that it can be assured of the individual’s identity to a degree that is consistent with its certification practices statement.

    VeriSign also asks for a “challenge phrase” that is used to revoke a digital ID in the event that it is compromised.

  3. You provide VeriSign with payment information—usually a credit card number.

  4. You verify the information provided to VeriSign.

  5. You claim that you have read and agree to be bound by VeriSign’s certification practices statement:[44]

    YOU MUST READ THIS SUBSCRIBER AGREEMENT BEFORE APPLYING FOR, ACCEPTING, 
    OR USING A DIGITAL ID/CERTIFICATE. IF YOU DO NOT AGREE TO THE TERMS OF 
    THIS SUBSCRIBER AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE THE 
    DIGITAL ID (CERTIFICATE). 
    
    THIS SUBSCRIBER AGREEMENT will become effective on the date you submit 
    the certificate application to the designated issuing authority (IA). 
    By submitting this Subscriber Agreement (and certificate application) 
    you are requesting that the IA issue a Digital ID (certificate) to you 
    and are expressing your agreement to the terms of this Subscriber 
    Agreement. VeriSign's Public Certification Services are governed by 
    VeriSign's Certification Practice Statement (the "CPS"), which is 
    incorporated by reference into this Subscriber Agreement. The CPS is 
    published on the Internet in VeriSign's repository at 
    https://www.verisign.com and ftp://ftp.verisign.com/repository/CPS, and is 
    available via e-mail from: [email protected]. 
    
    YOU AGREE TO USE THE DIGITAL ID (CERTIFICATE) AND ANY RELATED IA 
    SERVICES ONLY IN ACCORDANCE WITH THE CPS. AS STATED IN THE CPS, THE IA 
    DISCLAIMS CERTAIN IMPLIED AND EXPRESS WARRANTIES, INCLUDING WARRANTIES 
    OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, PLACES LIMITS 
    ON ITS LIABILITY UNDER THIS AGREEMENT AND REFUSES ALL LIABILITY FOR 
    CONSEQUENTIAL AND PUNITIVE DAMAGES. SEE THE CPS FOR IMPORTANT DETAILS. 
    YOU DEMONSTRATE YOUR KNOWLEDGE AND ACCEPTANCE OF THE TERMS OF THIS 
    SUBSCRIBER AGREEMENT BY EITHER (I) SUBMITTING AN APPLICATION FOR A 
    DIGITAL ID (CERTIFICATE) TO VERISIGN, OR (II) USING THE DIGITAL ID 
    (CERTIFICATE), WHICHEVER OCCURS FIRST.
                 [VeriSign Certification Practice Statement]
    Click the ACCEPT button if you agree to this Subscriber Agreement and 
                    the Certification Practice Statement.
                              [Decline] [Accept]
                  Copyright © 1996, VeriSign, Inc.

    You should be sure to read the CPS. It’s 92 pages long, and by clicking the ACCEPT button you are agreeing to be bound by it.[45]

  6. VeriSign displays a page that contains a form. When the form is submitted, the key is automatically generated.

The browser generates the public/private key pair and sends the public portion of the key to the VeriSign web site. Once the key is received, VeriSign signs it and places the certificate for the key into its database.

If you are using Internet Explorer, you will have the chance to select the name for this private key using the “Credentials Wizard.” After you pick a name, VeriSign will send you electronic mail with the information necessary to get your certificate (see Figure 8.4).

Figure 8-4. The Internet Explorer Credentials Enrollment Wizard lets you choose the name of your key on Windows 95

If you are using Netscape Navigator, you will pick a name for the digital certificate when it is downloaded. Meanwhile, a window will appear with the following message:[46]

Netscape is about to generate a private key for you. This private key 
will be used along with the certificate you are now requesting to 
identify yourself to internet sites. Your private key never leaves 
your computer, and is protected by your Netscape password. It is 
important that you never give anyone your password, because that will 
allow them to use your private key and impersonate you on the internet.

When you press the OK button below, Netscape will generate your 
private key for you. This is a complex mathematical operation, and may 
take up to several minutes for your computer to complete. If you 
interrupt Netscape during this process it will not create your key, 
and you will have to re-apply for your certificate.

[OK]

After you press OK, your computer should eventually display:

Congratulations, you have successfully enrolled for a Class 1 Digital 
ID. 

The next step is to download your Digital ID from VeriSign and install 
it.

You will promptly receive an e-mail corroboration letter from 
VeriSign with information about retrieving your Digital ID. You will need to 
use the information it contains to download and install your Digital ID. 

Check your e-mail, and retrieve your DigitalID from 
https://digitalid.verisign.com/getid.htm 

You can also find out more about how Digital IDs are used and access 
additional Digital ID services through the Digital ID Center.

Installing Your Digital Certificate

Shortly after you complete the digital certificate enrollment process, you’ll get email from VeriSign’s Digital ID center. Here’s what a user named Cass Frick got in the mail:

From pin@playfair Fri Nov 22 18:03:40 1996
Date: Fri, 22 Nov 1996 15:03:03 -0800
To: [email protected]
From: VeriSign Digital ID Center <[email protected]>
Subject: Class 1 VeriSign Digital ID Corroboration

Thank you for selecting VeriSign as your certification authority.

To assure that someone else cannot obtain a Digital ID that contains 
your name and e-mail address, you must obtain your Digital ID from 
VeriSign's secure web site using a unique Personal Identification 
Number (PIN).

Your Digital ID PIN is: f1a41cd7574d15c3
You can get your Digital ID at this site:
https://digitalid.verisign.com/msgetidca.htm

Your Digital ID will contain the following information:
Name or Alias: CASS FRICK
E-mail Address: [email protected]

Thank you for using VeriSign's Digital ID Center.

Using Microsoft’s Internet Explorer, Frick opens the URL https://digitalid.verisign.com/msgetidca.htm, where she is prompted for her PIN. This is shown in Figure 8.5. She can then view the certificate by using Internet Explorer’s “Options/Security/View Certificate” commands, as shown in Figure 8.6.

Figure 8-5. Frick picks up her digital ID

Figure 8-6. Viewing the certificate (Internet Explorer)
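The PIN pickup step described above, sketched from the CA's side as an added example (not VeriSign's code, and not part of the original text). The class name, the seven-day lifetime and the sample address are assumptions; the 16-hex-digit PIN shape follows the letter quoted above.

```python
import hashlib
import secrets
import time

PIN_TTL_SECONDS = 7 * 24 * 3600  # assumed lifetime; the letter states none


class PendingDigitalIDs:
    """Hypothetical CA-side table of certificates awaiting pickup."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # sha256(PIN) -> record; the PIN itself is not stored

    @staticmethod
    def _digest(pin):
        # Normalise case and whitespace so a retyped PIN still matches.
        return hashlib.sha256(pin.strip().lower().encode("ascii", "replace")).hexdigest()

    def enroll(self, name, email, certificate):
        """Register a signed certificate and return the PIN to e-mail out."""
        pin = secrets.token_hex(8)  # 64 random bits, 16 hex digits
        self._pending[self._digest(pin)] = {
            "name": name,          # the fields the letter says the ID will contain
            "email": email,
            "certificate": certificate,
            "expires": self._clock() + PIN_TTL_SECONDS,
        }
        return pin  # sent only to `email`; receiving it is the proof of mailbox control

    def collect(self, pin):
        """Release the certificate for a PIN once; None if unknown, used or expired."""
        record = self._pending.pop(self._digest(pin), None)  # pop makes it single use
        if record is None or self._clock() > record["expires"]:
            return None
        return record["certificate"]


def demo():
    now = [0.0]  # constructed clock so expiry can be shown without waiting
    ca = PendingDigitalIDs(clock=lambda: now[0])
    pin = ca.enroll("CASS FRICK", "cass@example.test", "<certificate bytes>")
    first = ca.collect(pin)    # the mailbox owner presents the PIN
    replay = ca.collect(pin)   # the same PIN presented a second time
    late_pin = ca.enroll("CASS FRICK", "cass@example.test", "<certificate bytes>")
    now[0] += PIN_TTL_SECONDS + 1
    late = ca.collect(late_pin)  # presented after the assumed lifetime
    return first, replay, late


if __name__ == "__main__":
    print(demo())
```

The only thing this step establishes is that the requester can read mail at the address, which matches the Class 1 assurance level: the name in the record is never checked.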

Another user named Sascha receives a similar email message. Sascha is a Netscape Navigator fan. Using Netscape Navigator, he goes to the Digital ID center. When he attempts to download the digital ID, Netscape displays:

You are downloading a new personal certificate that you have 
previously requested from VeriSign, Inc.. This certificate may be 
used, along with the corresponding private key that was generated by 
you at the time you requested your certificate, to identify yourself 
to sites on the Internet. Using certificates and private keys to 
identify yourself to sites is much more secure than the traditional 
username and password.

[Cancel] [Next>]

Sascha clicks [Next>] and Netscape displays the second window in the certificate downloading process. This window shows the name of the key. He can click the [More Info...] button to view the certificate. This will show, among other information, the digital certificate’s comment field.

Here is the comment on the panel:

CAUTION: The Common Name in this Class 1 Digital ID is not 
authenticated by VeriSign. It may be the holder's real name or an 
alias. VeriSign does authenticate the e-mail address of the holder.

This certificate incorporates by reference, and its use is strictly 
subject to, the VeriSign Certification Practice Statement (CPS), 
available in the VeriSign repository at: https://www.verisign.com; by 
E-mail at [email protected]; or by mail at VeriSign, Inc., 
2593 Coast Ave., Mountain View, CA 94043 USA

Copyright (c)1996 VeriSign, Inc.  All Rights Reserved. CERTAIN 
WARRANTIES DISCLAIMED AND LIABILITY LIMITED.

WARNING: THE USE OF THIS CERTIFICATE IS STRICTLY SUBJECT TO THE 
VERISIGN CERTIFICATION PRACTICE STATEMENT.  THE ISSUING AUTHORITY 
DISCLAIMS CERTAIN IMPLIED AND EXPRESS WARRANTIES, INCLUDING WARRANTIES
OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND WILL NOT 
BE LIABLE FOR CONSEQUENTIAL, PUNITIVE, AND CERTAIN OTHER DAMAGES. SEE 
THE CPS FOR DETAILS.

Contents of the VeriSign registered nonverifiedSubjectAttributes 
extension value shall not be considered as accurate information 
validated by the IA.

Sascha can view detailed information about a certificate (see Figure 8.7) and pick a name for the certificate. Finally, the certificate is added. The certificate can be viewed using Netscape’s Security Preferences Options panel, shown in Figure 8.8. This panel allows you to view the personal certificates on the system. Pressing the “obtain new certificate” button jumps your browser to the URL https://certs.netscape.com/client.html, which contains a list of CAs that are currently approved by Netscape.

Figure 8-7. Netscape Navigator allows you to see detailed information about a certificate before it is added to your system.

Figure 8-8. Netscape Navigator’s Personal Certificate Security Preferences panel

Behind the Scenes

Behind the scenes, a set of messages is exchanged between the VeriSign web site and the particular browser that you are using. These exchanges use relatively undocumented protocols and APIs.

Behind the scenes with Netscape Navigator

Netscape Navigator uses the <KEYGEN> HTML tag to generate a key. The tag has this syntax:

<KEYGEN TYPE="hidden" NAME="name" VALUE="challenge string" >

When the key is generated, the public key is encoded and sent in the HTTP POST request in the form variable named by the tag's NAME attribute. More information can be found at http://home.netscape.com/eng/security/ca-interface.html.

Here are some key fields from the Netscape enrollment process:

<FORM ACTION="/cgi-bin/enroll.exe" ENCTYPE=x-www-form-encoded 
METHOD=POST>
<INPUT TYPE="hidden" NAME="operation" VALUE="C1Submit">
<INPUT TYPE="hidden" NAME="class" VALUE="CLASS1">
<INPUT TYPE="hidden" NAME="commercial" VALUE="no">
<INPUT TYPE="hidden" NAME="mail_firstName" VALUE="Sascha">
<INPUT TYPE="hidden" NAME="mail_lastName" VALUE="Strathmore">
...
<BLOCKQUOTE>
Click the SUBMIT button to send your Digital ID request to VeriSign.
Your web browser will prompt you to set up a password to
protect the private key associated with your Digital ID. Your private 
key and password are stored on your computer and are not transmitted 
to VeriSign. 
<p>
In a few moments, you will receive an e-mail 
confirmation letter from VeriSign that provides instructions for 
downloading and installing your Class 1 Digital ID. 
</BLOCKQUOTE>
...
<br>
<br>
<KEYGEN TYPE="hidden" NAME="public_key" VALUE="1760677006">
</FORM>

Behind the scenes with Internet Explorer

Internet Explorer generates client keys using a combination of ActiveX controls and VBScript.

<OBJECT
    classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
    CODEBASE="http://digitalid.verisign.com/certenr3.dll#Version=4,70,0,1143"
    id=certHelper
    >
</OBJECT>
...

<SCRIPT LANGUAGE=VBS>
'========================================================
    Sub Submit_OnClick
        Dim TheForm
        Dim sz10
        Set TheForm = Document.Class1Submit
        On Error Resume Next
        sz10 = certHelper.GenerateKeyPair("fad9ea1fce04f8415bb13b01aaf87e1d", FALSE, _
            "CN=Cass Frick", 0, "ClientAuth", FALSE, TRUE, 1)
        TheForm.public_key.Value = sz10

Microsoft says that it does not support the <KEYGEN> tag because the tag is not part of the HTML standard.[47] The long hexadecimal number that is the first argument to the CertHelper.GenerateKeyPair method is some sort of session number that, according to Microsoft, is not used to seed the random number generator. (If it were used to seed the random number generator, then VeriSign, which provides the hexadecimal number, would know your secret key.) Of course, since the key is generated by an ActiveX control that is downloaded on the fly, this behavior could be changed at any time. It could even behave differently in different countries, or for different users.
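The parenthetical above, made concrete in an added example (not Microsoft's or VeriSign's code): a toy RSA generator that draws all of its randomness from the source it is handed, run once seeded from the session number and once from the operating system. The function names and the 256-bit toy key size are assumptions; only the session number is taken from the page.

```python
import math
import random

SESSION_NUMBER = "fad9ea1fce04f8415bb13b01aaf87e1d"  # first argument in the page's script


def _is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin primality test drawing its witnesses from rng."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits, rng):
    while True:
        candidate = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(candidate, rng):
            return candidate


def generate_key_pair(rng, bits=256):
    """Toy RSA key generation (far too small for real use); rng is the only entropy."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return {"n": p * q, "e": e, "d": pow(e, -1, phi)}


def keygen_seeded_from_session(session_number):
    # Hypothetical flawed control: generator state comes only from the CA's value.
    return generate_key_pair(random.Random(int(session_number, 16)))


def keygen_from_os_entropy(session_number):
    # The session number is only a label here; randomness comes from the OS.
    return generate_key_pair(random.SystemRandom())


def ca_can_recompute(public_n, session_number):
    """True if the party that chose session_number can rebuild the same key pair."""
    rebuilt = generate_key_pair(random.Random(int(session_number, 16)))
    return rebuilt["n"] == public_n
```

With the seeded variant, whoever supplied the session number rebuilds the private exponent along with the modulus. From the public key alone a subscriber cannot tell the two variants apart, which is why a control downloaded on the fly has to be trusted.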

Finding a Digital ID

VeriSign provides a system for looking up a digital ID by name, email address, or serial number. The form is located at http://digitalid.verisign.com/query.htm, but you can also reach it from the home page of the VeriSign Digital ID center.

For example, you can search for Simson’s Class 1 digital ID by clicking on the word “Find” on VeriSign’s home page. This brings up the VeriSign Digital ID Query page:

To find a Digital ID, enter the search criteria you want to use, then 
click Submit. 
The search criteria you enter must exactly match the information that 
appears in the Digital ID. Wildcards are not currently supported. 

Note: At this time, secure server Digital IDs cannot be located using 
this query service.

Search for Digital ID by name, email address, or both:

Name in Digital ID:		If you entered a middle initial, 
				do not include a period, for example,
				"John P Doe"
Email address in Digital ID:	Searching by email address yields 
				better results
-----------------------------------------------------------------------
Search for Digital ID by issuer and serial number 
Digital ID Serial Number:	For example: 
				63992a43ef2e97a7575cdb49c4c1d6
Digital ID Issuer:	VeriSign Class 1 CA - Individual Subscriber

By submitting this query, I agree to be bound by VeriSign's CPS.

Currently, looking up a user’s digital ID in VeriSign’s online database requires that you agree to be bound by VeriSign’s CPS. This is sort of like the phone company requiring you to sign a legal agreement before opening the White Pages. VeriSign says that it intends to replace this requirement with a concise statement that limits VeriSign’s liability. (Internet Explorer 3.0.1 automatically looks up Authenticode digital IDs in VeriSign’s online database. It is not clear whether using Internet Explorer 3.0.1 implicitly binds the user to follow the CPS.)

A search for the email address [email protected] will turn up:

Please verify that the information listed below represents the Digital 
Certificate you are interested in. If the certificate is valid and you 
are using Netscape Navigator 3.0 or Microsoft Internet Explorer 3.0 or 
later, you can install this Digital Certificate, by selecting the 
"Download Certificate " button at the end of this page.
-----------------------------------------------------------------------
Subject Name
Locality = Internet
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Individual Software Publishers CA
Organizational Unit = www.verisign.com/repository/CPS Incorp. by 
Ref.,LIAB.LTD(c)96
Organizational Unit = Digital ID Class 2 - Microsoft Software 
Validation
Common Name = Simson L Garfinkel
Email Address = [email protected]
Unstructured Address = Box 4188 Vineyard Haven, MA 02568 US
Serial Number
722c8812f5aa2a5ea96ced94615a6da5 
-----------------------------------------------------------------------
Attributes
No Attributes Present 
-----------------------------------------------------------------------
Issuer Name
Locality = Internet
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Individual Software Publishers CA
-----------------------------------------------------------------------
Validity
• Start: 11/06/1996 00:00:00 GMT • End: 11/06/1997 23:59:59 GMT 
-----------------------------------------------------------------------
Status
• Certificate: Valid • Chain: Valid 

Download VeriSign Certificate

Please Select the desired format: [Click Here To Choose]
[Download Certificate]

VeriSign allows the certificates to be downloaded in at least four different formats, including:

  • Microsoft Code Signing (for Authenticode)

  • Microsoft Internet Explorer 3.x

  • Netscape Navigator 3.x

  • S/MIME Format (Binary PKCS#7)

Ideally, VeriSign’s system is supposed to let you download anybody’s certificate so that you can send them encrypted messages. Version 3.0 of Navigator and Explorer, however, will not download a certificate for which the user does not already have a matching public key. Version 4.0 of Navigator allows any key to be downloaded, so that secure mail may be sent.

Revoking a Digital ID

VeriSign provides a system for revoking digital IDs issued to individuals. The system requires that you know a digital ID’s serial number and the type of digital ID, and that you give a reason for the revocation. Some of the reasons VeriSign allows you to choose are:

  • Forgotten or lost password

  • Compromised private key

  • Per request of subscriber

  • Issuer update

  • Overwrote old key pair file and submitted new request

  • Corrupted key pair

  • Incorrect common name

  • Wrong size key pair

  • Information may be materially threatened or compromised

  • Material fact is known or reasonably believed to be false

  • Material certificate issuance prerequisite not satisfied or waived

  • CA’s private key compromised[48]

  • Per request of subscriber’s agent

  • Faulty issuance

  • Replacement

VeriSign has also revoked the digital ID of a programmer who VeriSign claimed was not following the terms of the CPS and the Authenticode pledge. See Chapter 4.

VeriSign’s Class System

During the summer of 1996, VeriSign became the first company to offer commercial client certificates on the Internet. The company offered two versions: Class 1 and Class 2.

VeriSign’s Class 1 certificate contains a person’s name and optionally an email address. These certificates allegedly have a price of $9.95 each, but in fact VeriSign gives them away to anybody who has downloaded a free copy of Netscape Navigator 3.0 or Microsoft’s Internet Explorer. VeriSign does not verify the name provided by the person requesting the certificate, although a minimal attempt is made to validate the user’s email address. (VeriSign mails the user a code that was necessary to retrieve the certificate.)

VeriSign assumes a liability cap of $100 on these certificates for failure to follow its own procedures. However, since the only certification procedure that VeriSign followed for these certificates was to make sure that the certificate requester could receive electronic mail at the address provided and that two certificates do not have the same email address, it is hard to imagine for what VeriSign could be liable. VeriSign’s liability terms are described in Section 11 of its CPS.

VeriSign’s Class 2 certificates offer a higher level of assurance to merchants. The certificates are priced at $19.95 per year. To obtain a certificate, users are required to provide their names, addresses, driver’s license number, social security number, and other information. VeriSign compares the information provided by the user with consumer files at Equifax, the United States’ largest consumer credit reporting agency.

VeriSign’s reliance on consumer credit reports is problematic for several reasons:

  • Consumer credit files are not designed to provide identification of consumers.

  • Much, if not all, of the information that VeriSign uses to validate a person’s identity is already publicly available for free or a small fee on the Internet.

To add further assurance to its Class 2 IDs, VeriSign’s certification practice statement (CPS) states that Class 2 IDs are conditionally granted. Although the ID can be used immediately, the company does not guarantee the validity of the digital ID until two weeks after the ID is granted. During that time period, VeriSign sends a letter to the U.S. mail address of the person who requested the ID. If the person receives the letter and did not actually request the ID, he or she can call a toll-free 800 number to cancel the ID. The ID is then revoked.

VeriSign is aware that it is possible to obtain a Class 2 ID in someone else’s name using its system and plans to offer a stronger Class 3 Digital ID that will be used for different business purposes and have a correspondingly higher price. The Class 2 ID does not purport to be infallible, says VeriSign’s Michael Baum.



[44] According to VeriSign, thousands of people have downloaded or viewed the entire CPS. Hundreds of thousands of people have obtained digital IDs.

[45] Why such a long agreement? VeriSign wants to tell people their critical obligations and VeriSign’s responsibility. At this point in the development of the public key infrastructure, with no underlying law, VeriSign’s CPS is the only means by which a person or business can adequately assess how the system works. Other areas of business interactions are covered by significantly longer legal documents, such as the uniform commercial code or SEC regulations. VeriSign’s Michael Baum notes that credit card disclosure statements, which are ten or more pages of closely typed information, incorporate, by reference, VISA and MasterCard operating regulations, which are the size of telephone books.

[46] Netscape Navigator displays this message in very small type, so it’s no surprise if you don’t read it.

[47] Of course, ActiveX controls are not part of the HTML standard, either.

[48] It may seem strange that VeriSign would allow users to revoke their digital IDs because they think that VeriSign’s private key has been compromised. However, if a user really does think that VeriSign’s private key has been compromised, then presumably that user would want to revoke his or her digital ID.
