How do you think compromising a CA would occur, because a CA could only becom compromised when someone leaks the key for that specific CA And if it happens once, it will likely happen twice. And I hope in your best interest, you are not distributing keys to terminals.
Also, if you need to copy a file to 1000^2 terminals, use a script. I assume you have a list of all these terminals (otherwise you have a serious problem) I assume you are using server certificates and client certificates. with these there corresponds a CRL, this crl can be automatically used by any clientapplication that uses a certificate issued by any CA Bacically, are you distributing keys to terminals? Regards, Serge Fonville On Wed, Sep 2, 2009 at 8:21 AM, Yin, Ben 1. (NSN - CN/Cheng Du)<ben.1....@nsn.com> wrote: > OK, regarding the CA deploy, such as, we have a one root ca and 1000 sub ca > signed by root ca. and each sub ca used as ca by 1000 terminals.so the total > network size is 1000*1000. All our ca, including root ca and sub ca, was > stored offline. I need copy sub ca to terminal it was used. So if one of sub > ca was compromised, what I need to do is sign a new sub ca using root ca and > copy it to 1000 terminal where sub ca has been compromised. And if root ca > was compromised, I need to re-deploy CA on 1000*1000 terminal mannuly. That > is why I want to keep root ca out of the chain. And only using sub ca and > certificate to do the verification. Dose it possible? It seems that openssl > always try to find the issuer of sub ca during tht chain verification because > it wasn't self signed root ca. > > > Br > > Ben > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville > Sent: Tuesday, September 01, 2009 5:14 PM > To: openssl-users@openssl.org > Subject: Re: Verify certificate using subordinate ca > > I don't see your problem honestly. Figuring out a private key is close > to impossible. > And stealing it, well, that is more related to security itself than to > the actual key being secure or not. > > >From what I understand, a chain works somewhat like this > > you > --peter > ----john > ------carl > > You talk to peter, peter is trusted by john, john is trusted by carl, > you trust carl > Say if you were to obsolete carl in this chain (by trusting john) john > would then become the root > If this is the case, why would you want to have carl at all? > > Thawte, verisign etc work the same way > > Also, why is distributing a CA cert so difficult? > What is your environment? > What applications are using the certs? > And how do they verify the chain? > > Again, without the key for each CA it can't be compromised > Has this actually happened or is this someone eing paranoid? > > Who has created the chain? > > I'm still not clear of the purpose of the root ca if it should not > need to be trusted > > Regards, > > Serge Fonville > > On Tue, Sep 1, 2009 at 3:52 PM, Yin, Ben 1. (NSN - CN/Cheng > Du)<ben.1....@nsn.com> wrote: >> No. In our enviroment. The root CA private key is isolated and absolutly >> safe. Regarding the compromised, I means CA can't be trusted any more, Such >> as the private key was stolen some how or someone find a way to figure out >> private key for one CA. it easy to set up new sub ca in one domain if those >> compromise happened on sub ca. but if it happened on root ca, it's quite >> hard to fix the our whole network. Thanks. >> >> >> Br >> >> Ben >> >> -----Original Message----- >> From: owner-openssl-us...@openssl.org >> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >> Sent: Tuesday, September 01, 2009 4:31 PM >> To: openssl-users@openssl.org >> Subject: Re: Verify certificate using subordinate ca >> >> Based on what you state. >> There is no purpose for the root CA. >> >> What do you mean by compromised. >> If you publish a CA certificate to clients, it does not include the >> key. (normally) >> So the only thing a client can do is use it in the session at best. >> There is NO way a client can use a CA certificate to sign anything >> without the corresponding key. >> >> I have a chain on my website, and noone (except me, because I can >> access the server) is able to sign anything. Since the CAs are only >> used for signing and verifying and not for encrypting, if the CA keys >> are stored safely, there is no 'compromise' >> >> Are you distributing the keys as well? >> >> HTH >> >> Regards, >> >> Serge Fonville >> >> >> On Tue, Sep 1, 2009 at 2:13 PM, Yin, Ben 1. (NSN - CN/Cheng >> Du)<ben.1....@nsn.com> wrote: >>> I only want to verfiy the signature (I mean the procedure when sub ca >>> sign the certiticate). So I guess sub ca and certification should has >>> enough info to do it because we needn't root ca when we use sub ca to >>> sign the certificate. Is there a way for this requirement? Thanks. >>> >>> >>> Br >>> >>> Ben >>> >>> -----Original Message----- >>> From: owner-openssl-us...@openssl.org >>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Yin, Ben 1. >>> (NSN - CN/Cheng Du) >>> Sent: Tuesday, September 01, 2009 3:06 PM >>> To: openssl-users@openssl.org >>> Subject: RE: Verify certificate using subordinate ca >>> >>> Hi Serge, >>> >>> My intention is to keep my root ca out of compromise. We want to use sub >>> ca to splite the domain in the our whole network. Then, we can easy to >>> re-sign a new sub ca and publish it if we find one domain sub ca was >>> compromised. And if we expose the the root ca to public ,it hard to >>> maintain if root ca was cracked. >>> >>> And as you said, "create a new chain and let sub ca as root", I don't >>> know how to do it. In my testing, I set verify depth to 1. I guess it >>> will make chain only include certificate and sub ca. the testing show >>> that the openssl still try to find the issuer of sub ca, and so the >>> verification was failed. >>> >>> Here is the output: >>> >>> -with certificate at depth: 1 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>> err 20:unable to get local issuer certificate >>> -with certificate at depth: 1 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>> err 27:certificate not trusted >>> -with certificate at depth: 0 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >>> err 27:certificate not trusted >>> >>> And FYI. Here is the complete chain verfication output. >>> >>> -with certificate at depth: 2 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>> err 0:ok >>> -with certificate at depth: 1 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >>> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>> err 0:ok >>> -with certificate at depth: 0 >>> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >>> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >>> err 0:ok >>> >>> Thanks. >>> >>> Br >>> >>> Ben >>> >>> -----Original Message----- >>> From: owner-openssl-us...@openssl.org >>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >>> Sent: Tuesday, September 01, 2009 2:14 PM >>> To: openssl-users@openssl.org >>> Subject: Re: Verify certificate using subordinate ca >>> >>> Hi, >>> >>> Hmm... >>> >>> I've had the same issue. >>> Basically it came down to "how do you know if the sub is reliable if >>> you do not know whether to trust the root?" >>> If you do not wish to have the root as part of the chain, create a new >>> chain where the sub is the root >>> What is the reason you do not want to use the root in the chain check, >>> but it should be part of the chain? >>> >>> HTH >>> >>> Regards, >>> >>> Serge Fonville >>> >>> On Tue, Sep 1, 2009 at 1:04 PM, Yin, Ben 1. (NSN - CN/Cheng >>> Du)<ben.1....@nsn.com> wrote: >>>> Hi, >>>> >>>> It there a way to verify certificate with out root ca? I have 4 >>> certificate: >>>> rootca.pem is the root ca (self signed). subca.pem was signed by >>> rootca.pem. >>>> cert1.pem & cert2.pem was signed by subca.pem. I was supposed to >>> configure >>>> the client and server using subca.pem as ca, and cert1.pem & cert2.pem >>> as >>>> certificate. It seem that openssl still try to find rootca.pem to >>> verfiy >>>> subca.pem when handshake. But I don't what root.pem can bo accessed >>> for >>>> keeping it safe. So It there a way to verify certificate with out root >>> ca, >>>> only using sub ca and certificate signed by sub ca? Thanks. >>>> >>>> Br >>>> >>>> Ben >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
