The management of PKI for use with TLS is one of the most widely misunderstood problems, and is one of the things that /u/ivanristic is trying to address in this guide. But TLS itself has many intricate levels, all of which need to be understood for a secure implementation. The exact methods used for this vary across the board and cover a wide range of technologies. Transport Layer Security is a system which uses a combination of PKI and symmetric encryption to validate authenticity and provide for encryption between two parties. TLS Implementation using PKI (Asymmetric Cryptography) The US NIST has a fantastic bit of documentation on everything you will ever want to know about key management practices.
This gets into things like how to handle key compromise, key rotation, key length, key generation, the algorithms used (RSA vs. It is important to understand that this guide is attempting to cover two separate functions. I figured I'd mirror my comments here via cliff notes. I feel like my posts could be lost in the trenches as /u/ivanristic and I were discussing some things back and forth. In absence of a similar mechanism, our current best bet is to use public key pinning to restrict which CAs can issue certificates for which web sites. (We participated by running 4 notaries used in the default configuration.) Sadly, the project didn't succeed. But they, too, are in a conflicting situation, because increasing security does not increase their market share. Edit: Personally, I was quite fond of the Convergence project - which does not necessarily rely on certificate authorities. Most of the blame is thus on the shoulders of browser vendors. They will naturally take actions that lead them to maximise their revenue. Personally, I don't think we can rely on CAs to do the right thing, because they are inherently biased. It is also possible to lift the suspension later. That would enable you to trust the legacy certificates (and thus not break the Web), but not allow any new certificates as a punishment. For example, when deciding if a particular certificate is trusted, you could look at the date. Bhd.). But, the decision does not have to be binary. I agree with you that CAs can get killed only in extreme cases (e.g., DigiNotar and DigiCert Sdn. My point there was that CAs who have a significant revenue stream from issuing certificates were more likely to pay attention, provide better service as well as better security. I think you should point this out in your document :-) I think browser vendors are equally to blame. Personally I think CAs are a disgrace to the security community.
Why do browser vendors accept CAs that are willing to generate private keys and CSRs for you? That's insane! Which browser vendor has set a date for requiring that CAs by default publish certificates in something like certificate transparency? Why is this document even required if CAs and browser vendors did their part of the job by setting the bar just a little higher than at ground level? Why do browser vendors accept root CAs where there is no follow-up service that alerts the buyer if the web site is later not configured according to best practices? Why do browser vendors accept root CAs that do not monitor the web sites they issue certificates to? The alcohol is the same. As an example, you mention that it can be hard to know when a certificate is about to expire. Some people like expensive whiskey, others cheap. Pricing differences between CAs are much better explained by branding theories. Pulling a CA root is a binary operation, thus CAs can get away with pretty lousy security and only in extreme cases do they get pulled. CAs where things go wrong are not punished by browser vendors. "CAs whose activities constitute a substantial part of their business have everything to lose if something goes terribly wrong" I think you are too kind in describing how the CA market works: