Difference between revisions of "Public Key Infrastructure"
From MgmtWiki
(→Context) |
(→Context) |
||
Line 6: | Line 6: | ||
*The idea that a [[X.509 Certificate]] should have a limited life-time made sense for the telco, but no sense what-so-ever for a [[Relying Party]] who wanted to check a signature, that might have been made at some time in the past when the certificate was valid, but theoretically is invalid at the time the signature was checked. | *The idea that a [[X.509 Certificate]] should have a limited life-time made sense for the telco, but no sense what-so-ever for a [[Relying Party]] who wanted to check a signature, that might have been made at some time in the past when the certificate was valid, but theoretically is invalid at the time the signature was checked. | ||
*Lots of work-arounds were devised for the limitations of PKI, but they all involved extraordinary complexity that made life difficult for anyone that wanted to implement the technology. | *Lots of work-arounds were devised for the limitations of PKI, but they all involved extraordinary complexity that made life difficult for anyone that wanted to implement the technology. | ||
− | *One of the last work-arounds was to introduce [https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol Online Certificate Status Protocol (OSCP)]. | + | *One of the last work-arounds was to introduce [https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol Online Certificate Status Protocol (OSCP)] which at least got rid of the necessity for certificate revocation lists, a hold over from the 1950's credit card deployments. |
==Problems== | ==Problems== |
Revision as of 15:12, 8 September 2018
Full Title or Meme
An industry built up around Assurance of the Identity of Entities on the internet using X.509 Certificates and Public Key Cryptography.
Context
- The Public Key Infrastructure was build up to support the CCITT X.509 Certificate which was designed by the monopoly telephone companies to continue their existing business model of charging a recurring fee to customers who had no choice in the matter.
- The idea that a X.509 Certificate should have a limited life-time made sense for the telco, but no sense what-so-ever for a Relying Party who wanted to check a signature, that might have been made at some time in the past when the certificate was valid, but theoretically is invalid at the time the signature was checked.
- Lots of work-arounds were devised for the limitations of PKI, but they all involved extraordinary complexity that made life difficult for anyone that wanted to implement the technology.
- One of the last work-arounds was to introduce Online Certificate Status Protocol (OSCP) which at least got rid of the necessity for certificate revocation lists, a hold over from the 1950's credit card deployments.
Problems
- Enterprises were willing to tolerate the pain introduced with PKI, but not a signification number of Users that could not be compelled to submit to the pain.
- Problems have been known for a long time[1]
Solutions
- The basic business model of selling Trust for money can never work. PKI should be abandonded, but the problem is proposing a workable solution that is financially sound as well as a secure expresseion of Trust is not known in late 2018.
- FIDO U2F will put a Trust token in the hands of users, but does not help the bigger problem, how to Trust the Web Site Identity.