[144586] in cryptography@c2.net mail archive
Re: HSM outage causes root CA key loss
daemon@ATHENA.MIT.EDU (Dirk-Willem van Gulik)
Tue Jul 14 19:50:13 2009
Date: Wed, 15 Jul 2009 00:05:11 +0100
From: Dirk-Willem van Gulik <dirkx@webweaving.org>
To: "Weger, B.M.M. de" <b.m.m.d.weger@TUE.nl>
CC: Peter Gutmann <pgut001@cs.auckland.ac.nz>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <7DF2365FF07C0E4E89419D65CCC93C9E0160CC8C5E0D@EXCHANGE11.campus.tue.nl>
Weger, B.M.M. de wrote:
> - if they rely on the CA for signing CRLs (or whatever
> revocation mechanism they're using) then they have to find
> some other way to revoke existing certificates.
...
> Seems to me that for signing CRLs it's better to have a separate
> "Revocation Authority" (whose certificate should be issued by
> the CA it is revoking for); then revoking can continue when the
> CA loses its private key. The CA still may have revoking
> authority as well, at least to revoke the Revocation Authority's
> certificate...
Unfortunately those code paths seem rarely traveled/tested between
implementations and even within a single implementation fraught with
caveats; so one often ends up with a (sub) CA in the same chain as the
cert one wants to revoke.
> Any other problems? Maybe something with key rollover or
> interoperability?
Aye - and there is another area which is even less traveled than above.
Dw
---------------------------------------------------------------------
The Cryptography Mailing List