Difference between revisions of "Public Key Infrastructure"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Federation)
 
(8 intermediate revisions by the same user not shown)
Line 10: Line 10:
 
==Problems==
 
==Problems==
 
*[[Enterprise]]s were willing to tolerate the pain introduced with PKI, but not a signification number of [[User]]s that could not be compelled to submit to the pain.
 
*[[Enterprise]]s were willing to tolerate the pain introduced with PKI, but not a signification number of [[User]]s that could not be compelled to submit to the pain.
*Problems have been known for a long time<ref>Robert A. Grimes, ''4 Fatal Problem with PKI.'' (2015) CSO https://www.csoonline.com/article/2942072/security/4-fatal-problems-with-pki.html</ref>
+
*Problems have been known for a long time from Robert Grimes<ref>Robert A. Grimes, ''4 Fatal Problem with PKI.'' (2015) CSO https://www.csoonline.com/article/2942072/security/4-fatal-problems-with-pki.html</ref> and [https://www.cs.auckland.ac.nz/~pgut001/#standards Peter Gutmann]
  
 
==Solutions==
 
==Solutions==
Line 18: Line 18:
 
There are several commonly used filename extensions for X.509 certificates.  Unfortunately, some of these extensions are also used for other data such as private keys.
 
There are several commonly used filename extensions for X.509 certificates.  Unfortunately, some of these extensions are also used for other data such as private keys.
  
* <tt>.pem</tt> – ([[Privacy-enhanced Electronic Mail]]) [[Base64]] encoded [[Distinguished Encoding Rules|DER]] certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
+
* <tt>.pem</tt> – (Privacy-enhanced Electronic Mail) [[Base64]] encoded [[Distinguished Encoding Rules|DER]] certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
 
* <tt>.cer</tt>, <tt>.crt</tt>, <tt>.der</tt> – usually in binary [[Distinguished Encoding Rules|DER]] form, but Base64-encoded certificates are common too (see <tt>.pem</tt> above)
 
* <tt>.cer</tt>, <tt>.crt</tt>, <tt>.der</tt> – usually in binary [[Distinguished Encoding Rules|DER]] form, but Base64-encoded certificates are common too (see <tt>.pem</tt> above)
* <tt>.p7b</tt>, <tt>.p7c</tt> – [[PKCS7|PKCS#7]] SignedData structure without data, just certificate(s) or [[revocation list|CRL]](s)
+
* <tt>.p7b</tt>, <tt>.p7c</tt> – [[PKCS 7|PKCS#7]] SignedData structure without data, just certificate(s) or [[revocation list|CRL]](s)
* <tt>.p12</tt> – [[PKCS12|PKCS#12]], may contain certificate(s) (public) and [[private key]]s (password protected)
+
* <tt>.p12</tt> – [[PKCS 12|PKCS#12]], may contain certificate(s) (public) and [[Private Key Component]]s (password protected)
* <tt>.pfx</tt> – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in [[Internet Information Services|IIS]])
+
* <tt>.pfx</tt> – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in by a bowser like Microsoft's Internet Information Services - IIS)
  
[[PKCS7|PKCS#7]] is a standard for signing or encrypting (officially called "enveloping") data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A <tt>.P7C</tt> file is a degenerated SignedData structure, without any data to sign.
+
[[PKCS 7|PKCS#7]] is a standard for signing or encrypting (officially called "enveloping") data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A <tt>.P7C</tt> file is a degenerated SignedData structure, without any data to sign.
  
[[PKCS12|PKCS#12]] evolved from the ''personal information exchange'' (PFX) standard and is used to exchange public and private objects in a single file.
+
[[PKCS 12|PKCS#12]] evolved from the ''personal information exchange'' (PFX) standard and is used to exchange public and private objects in a single file.
 +
 
 +
==Back to the Future==
 +
The problems with PKI have resulted in lots of standards to create something better. But in the end nothing better that a certificate trust chain has actually worked. Some examples:
 +
===Federation===
 +
The whole point of a [[Federated Ecosystem]] is to create the sort of space that already exists for [[TLS]]. It should be noted that [[TLS]] is Transport Layer Security, while most of [[Identifier and Access Management]] operates at the application level. Since IP and transport layer security did a great job at creating secure solutions there has been an effort called [[Channel Binding]] to use that secured link to bind the user [[Identifier]] using that secure basis. The problem, as pointed out in the [[Channel Binding]] page is that large computer systems are often architected to put lower level function in a different physical device from the application. So a fully application level standard, like a [[Federation Service]] may not be able to use lower level protocols.
 +
 
 +
===Trust Registries===
 +
There appears to be no difference between a [[Trust Registry]] and a [[Certificate Authority]] except for the hype.
  
 
==References==
 
==References==

Latest revision as of 14:20, 6 December 2023

Full Title or Meme

An industry built up around Assurance of the Identity of Entities on the internet using X.509 Certificates and Public Key Cryptography.

Context

  • The Public Key Infrastructure was build up to support the CCITT X.509 Certificate which was designed by the monopoly telephone companies to continue their existing business model of charging a recurring fee to customers who had no choice in the matter.
  • The idea that a X.509 Certificate should have a limited life-time made sense for the telco, but no sense what-so-ever for a Relying Party who wanted to check a signature, that might have been made at some time in the past when the certificate was valid, but theoretically is invalid at the time the signature was checked.
  • Lots of work-arounds were devised for the limitations of PKI, but they all involved extraordinary complexity that made life difficult for anyone that wanted to implement the technology.
  • One of the last work-arounds was to introduce Online Certificate Status Protocol (OSCP) which at least got rid of the necessity for certificate revocation lists, a hold over from the 1950's credit card deployments.

Problems

  • Enterprises were willing to tolerate the pain introduced with PKI, but not a signification number of Users that could not be compelled to submit to the pain.
  • Problems have been known for a long time from Robert Grimes[1] and Peter Gutmann

Solutions

  • The basic business model of selling Trust for money can never work in a capitalist economy. Any standard causes a race to the bottom. PKI should be abandonded, but the problem is proposing a workable solution that is financially sound as well as a secure expresseion of Trust is not known in late 2018.
  • FIDO U2F will put a Trust token in the hands of users, but does not help the bigger problem, how to Trust the Web Site Identity.

Certificate filename extensions

There are several commonly used filename extensions for X.509 certificates. Unfortunately, some of these extensions are also used for other data such as private keys.

  • .pem – (Privacy-enhanced Electronic Mail) Base64 encoded DER certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
  • .cer, .crt, .der – usually in binary DER form, but Base64-encoded certificates are common too (see .pem above)
  • .p7b, .p7cPKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
  • .p12PKCS#12, may contain certificate(s) (public) and Private Key Components (password protected)
  • .pfx – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in by a bowser like Microsoft's Internet Information Services - IIS)

PKCS#7 is a standard for signing or encrypting (officially called "enveloping") data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A .P7C file is a degenerated SignedData structure, without any data to sign.

PKCS#12 evolved from the personal information exchange (PFX) standard and is used to exchange public and private objects in a single file.

Back to the Future

The problems with PKI have resulted in lots of standards to create something better. But in the end nothing better that a certificate trust chain has actually worked. Some examples:

Federation

The whole point of a Federated Ecosystem is to create the sort of space that already exists for TLS. It should be noted that TLS is Transport Layer Security, while most of Identifier and Access Management operates at the application level. Since IP and transport layer security did a great job at creating secure solutions there has been an effort called Channel Binding to use that secured link to bind the user Identifier using that secure basis. The problem, as pointed out in the Channel Binding page is that large computer systems are often architected to put lower level function in a different physical device from the application. So a fully application level standard, like a Federation Service may not be able to use lower level protocols.

Trust Registries

There appears to be no difference between a Trust Registry and a Certificate Authority except for the hype.

References

  1. Robert A. Grimes, 4 Fatal Problem with PKI. (2015) CSO https://www.csoonline.com/article/2942072/security/4-fatal-problems-with-pki.html
Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=Public_Key_Infrastructure&oldid=19209"