Operational Tradeoffs of Aggregating Attributes in Digital Certificates


Ian Simpson
Affiliation: Carnegie Mellon University
Abstract: There are many circumstances in which it is necessary to vouch for a collection of attributes about a subscriber to a certificate service. One well-used example is the drivers license, which conveys a purpose-built "bundle" of bearer attributes. But there are circumstances in which using such a pre-designated "bundle" may have disadvantages. In some cases, representing attributes independently may be more appropriate.

One may address the need for grouping attributes with a coarse grained approach, in which several attributes are aggregated into a single certificate, or a fine grained approach, in which only a single attribute is contained in each certificate. Assuming aggregation is chosen, there are two points at which it can be conducted: at the time of the transaction (and in response to the needs of the recipient), or at some earlier time (given that commonly required groupings can be anticipated).

The specific options that are chosen can significantly affect the operation of the CA infrastructure. There are tradeoffs involved in choosing one approach or the other. Under what conditions does it make sense to aggregate attributes into a single certificate, and under what conditions does it make sense to keep them separate? This talk will discuss the effects of these choices on a number of operational issues:

~ Efficiency

   - What is the effect on computational and networking requirements?

~ Security and reliability

   - What is the rate at which the invalidation of attributes will
result in invalid certificates?

   - What is the malefactor's "payoff" in the case of certificate compromise?

~ Privacy and information disclosure

   - Under what circumstances might additional information be
inadvertently "leaked" as a result of using the certificates?

~ Administration

   - How complex is the task of maintaining subscribers' certificates?

   - How often must certificates be re-issued under each scheme?

~ Liability and incentives for participation

   - In the case of aggregation, what's the liability for the aggregator?

   - Why would anyone want to act as aggregator, anyway? 

For more information, contact is2a+@andrew.cmu.edu.