Joel wrote:

>Sorry, I wasn't clear in my question. (I'm confused, I know.)
>
>(And thanks for trying to help a confused newb. ;-)
>[...]
>
>What I'm trying to ask, if I can get it right this time, is whether a
>root CA will be passing its own self-signed certificate out.

Ahh, now I think we get nearer to the mark. ;)
Yes, the root CA has to distribute its self signed certificate (NOT its
private key, just the cert. There seem to be misunderstandings about
that elsewhere) to those who have to trust it. For example if your
employees have to make sure they are on a company website you have to
give them a disk (this is the secure channel here) containing the CA's
certificate and they have to import it into their browsers.

N.B.: Just make sure that your CA certificate is not used to sign fake
certificates, since if your employees trust your CA this also implies
(at least with current browser implementations) that they trust every
certificate signed by your CA, even if you hand out certificates for
www.bigbank.com or www.ebay.com...

>I think I've figured it out, by the way. In the case of the web server,
>the self-signed certificate is not intended for certifying the web site,
>but for certifying the certificate(s) of (a) web site(s), which is why
>two are necessary.

Yes, that sounds correct.

>But in the case of a CA, the certificate is for signing certificates for
>other CAs and won't be given out otherwise. But it would be given out
>with the signed certificates for the subordinate CAs.
>
>But if the root CA machine is also signing server certificates (which it
>should not, but that's another story), it should have a separate
>certificate for signing certificates for servers. Should also have a
>separate piece of the directory tree to do it in.

Though a CA can sign other CAs and thereby build longer CA chains, it is
more common in in-house CAs to directly sign end-user (or "end-server")
certificates. And as explained above, the self-signed certificate of the
root CA has to be distributed.

The approach described by you is a more secure but less practical way.
You typically do this if you are Thawte or Verisign and your root
certificate has to have a very late expiry date, like 25 years from
now. Then it is better to keep the root CA's private(!) keys very very
secure in a bank vault and only use it once a year to sign certificates
for some sub-CAs, which expire in a year or so and are then used to sign
end-user certificates. Now if one of the sub-CAs compromises its private
key, only the certificates signed by this particular sub-CA are void,
and not possibly those of ten or twenty years of work.
But still the root CA's certificate (which apart from management
information primarily contains its signed public(!) key part) has to be
distributed, in the case of Thawte etc. to Bill, the Mozilla project and
people like that.

>Am I getting warm?

I think you are already rather close.

Ted
;)

-- 
PGP Public Key Information
Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
Key fingerprint = 31B0 E029 BCF9 6605 DAC1  B2E1 0CC8 70F4 7AFB 8D26
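
The hierarchy described in the reply above (long-lived root, short-lived sub-CA, server certificate, only root.crt handed to users), as an added example that is not part of the original message. It assumes the OpenSSL 1.1.1+ command line; every name, file name and lifetime other than the 25-year root is made up for illustration.

```sh
#!/bin/sh
# Constructed demo PKI (all names made up): root CA -> sub-CA -> server.
set -eu

build_demo_pki() {   # $1 = existing, writable working directory
  d=$1
  cat > "$d/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
CN = overridden-by-subj
[v3_root]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_subca]
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = critical,CA:FALSE
subjectAltName = DNS:intranet.example.com
EOF
  # Root CA: self-signed, ~25 years. root.key stays offline; only root.crt is handed out.
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 9125 -config "$d/pki.cnf" \
    -extensions v3_root -subj "/CN=Example Root CA" \
    -keyout "$d/root.key" -out "$d/root.crt" 2>/dev/null
  # Sub-CA: one year, signed with the root key, does the day-to-day issuing.
  openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
    -subj "/CN=Example Issuing CA" -keyout "$d/sub.key" -out "$d/sub.csr" 2>/dev/null
  openssl x509 -req -in "$d/sub.csr" -CA "$d/root.crt" -CAkey "$d/root.key" -set_serial 1 \
    -sha256 -days 365 -extfile "$d/pki.cnf" -extensions v3_subca -out "$d/sub.crt" 2>/dev/null
  # Server certificate: signed by the sub-CA, so the root key is not needed here.
  openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
    -subj "/CN=intranet.example.com" -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null
  openssl x509 -req -in "$d/server.csr" -CA "$d/sub.crt" -CAkey "$d/sub.key" -set_serial 2 \
    -sha256 -days 90 -extfile "$d/pki.cnf" -extensions v3_server -out "$d/server.crt" 2>/dev/null
}

# A client that was given root.crt validates the chain the server presents (sub.crt + server.crt).
chain_ok() { openssl verify -CAfile "$1/root.crt" -untrusted "$1/sub.crt" "$1/server.crt" >/dev/null 2>&1; }

# The file handed to users must hold a certificate and no private key.
is_cert_only() { grep -q "BEGIN CERTIFICATE" "$1" && ! grep -q "PRIVATE KEY" "$1"; }

demo_dir=$(mktemp -d)
build_demo_pki "$demo_dir"
chain_ok "$demo_dir" && is_cert_only "$demo_dir/root.crt" && echo "chain verifies; root.crt holds no key"
# Fingerprint that users can compare out of band before importing root.crt.
openssl x509 -in "$demo_dir/root.crt" -noout -fingerprint -sha256
```

`chain_ok` only checks the signatures up to `root.crt`; it says nothing about whether the issuer should have signed that name, which is why the N.B. above about guarding the CA key matters.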
