- Previous message: John Curran: "Re: PKI operators anyone?"
- In reply to: John Curran: "Re: PKI operators anyone?"
- Next in thread: (no name): "Re: PKI operators anyone?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Sean Donelan (no email)
Date: Wed Sep 05 2007 - 13:22:21 EDT
On Wed, 5 Sep 2007, John Curran wrote:
>> I dont see verisign roots expiring every five years.
>
> I believe that they're on 30 years or so for the root CA
> certificates, and shorter periods for the intermediates.
Commercial PKI expiration times are mostly based on how frequently you
must pay the CA more money whether or not the certificate's private key
was compromised. If a commercial PKI charges you $500 each year to renew a
certificate, instead of $500 every two years, the commercial PKI has
doubled its revenue.
You could always revoke a certificate's private keys sooner in the event
its key is compromised.
In the event a certificate is compromised Certificate Revokation Lists
(CRL) lifetimes, not the certificate's lifetime, determines how big the
exposure window for a compromised certificate.
If you re-issue (and check) CRL's daily for 10 year certificates, your
exposure is a day, not 10 years.
In the event a CA is compromised, how quickly you can revoke the CA's
trust, not the CA's certificate lifetime determines the exposure window.
Commercial CA roots changed to very long life times not because they are
more "secure" (insert hand-waving about bits and signing ceremony) but
because of the pain of frequently updating them.
If you can remove a CA's root from your trust hierarchy within a day for a
100 year CA root, your exposure is a day, not 100 years.
The "valid dates" in the certificates are pretty much a red-herring;
because the actual threat analysis should really be based on other
factors. Most certificate private keys are compromised not because someone
figured out how to brute-force the multi-thousand bit keys, but because
the computer and all the private keys it could access were compromised by
random bits of malware.
|
|
|