How do you think compromising a CA would occur, because a CA could
only becom compromised when someone leaks the key for that specific CA
And if it happens once, it will likely happen twice. And I hope in
your best interest, you are not distributing keys to terminals.

Also, if you need to copy a file to 1000^2 terminals, use a script.
I assume you have a list of all these terminals (otherwise you have a
serious problem)

I assume you are using server certificates and client certificates.
with these there corresponds a CRL, this crl can be automatically used
by any clientapplication that uses a certificate issued by any CA

Bacically, are you distributing keys to terminals?

Regards,

Serge Fonville

On Wed, Sep 2, 2009 at 8:21 AM, Yin, Ben 1. (NSN - CN/Cheng
Du)<ben.1....@nsn.com> wrote:
> OK, regarding the CA deploy, such as, we have a one root ca and 1000 sub ca 
> signed by root ca. and each sub ca used as ca by 1000 terminals.so the total 
> network size is 1000*1000. All our ca, including root ca and sub ca, was 
> stored offline. I need copy sub ca to terminal it was used. So if one of sub 
> ca was compromised, what I need to do is sign a new sub ca using root ca and 
> copy it to 1000 terminal where sub ca has been compromised. And if root ca 
> was compromised, I need to re-deploy CA on 1000*1000 terminal mannuly. That 
> is why I want to keep root ca out of the chain. And only using sub ca and 
> certificate to do the verification.  Dose it possible? It seems that openssl 
> always try to find the issuer of sub ca during tht chain verification because 
> it wasn't self signed root ca.
>
>
> Br
>
> Ben
>
> -----Original Message-----
> From: owner-openssl-us...@openssl.org 
> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
> Sent: Tuesday, September 01, 2009 5:14 PM
> To: openssl-users@openssl.org
> Subject: Re: Verify certificate using subordinate ca
>
> I don't see your problem honestly. Figuring out a private key is close
> to impossible.
> And stealing it, well, that is more related to security itself than to
> the actual key being secure or not.
>
> >From what I understand, a chain works somewhat like this
>
> you
> --peter
> ----john
> ------carl
>
> You talk to peter, peter is trusted by john, john is trusted by carl,
> you trust carl
> Say if you were to obsolete carl in this chain (by trusting john) john
> would then become the root
> If this is the case, why would you want to have carl at all?
>
> Thawte, verisign etc work the same way
>
> Also, why is distributing a CA cert so difficult?
> What is your environment?
> What applications are using the certs?
> And how do they verify the chain?
>
> Again, without the key for each CA it can't be compromised
> Has this actually happened or is this someone eing paranoid?
>
> Who has created the chain?
>
> I'm still not clear of the purpose of the root ca if it should not
> need to be trusted
>
> Regards,
>
> Serge Fonville
>
> On Tue, Sep 1, 2009 at 3:52 PM, Yin, Ben 1. (NSN - CN/Cheng
> Du)<ben.1....@nsn.com> wrote:
>> No. In our enviroment. The root CA private key is isolated and absolutly 
>> safe. Regarding the compromised, I means CA can't be trusted any more, Such 
>> as the private key was stolen some how or someone find a way to figure out 
>> private key for one CA. it easy to set up new sub ca in one domain if those 
>> compromise happened on sub ca. but if it happened on root ca, it's quite 
>> hard to fix the our whole network. Thanks.
>>
>>
>> Br
>>
>> Ben
>>
>> -----Original Message-----
>> From: owner-openssl-us...@openssl.org 
>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>> Sent: Tuesday, September 01, 2009 4:31 PM
>> To: openssl-users@openssl.org
>> Subject: Re: Verify certificate using subordinate ca
>>
>> Based on what you state.
>> There is no purpose for the root CA.
>>
>> What do you mean by compromised.
>> If you publish a CA certificate to clients, it does not include the
>> key. (normally)
>> So the only thing a client can do is use it in the session at best.
>> There is NO way a client can use a CA certificate to sign anything
>> without the corresponding key.
>>
>> I have a chain on my website, and noone (except me, because I can
>> access the server) is able to sign anything. Since the CAs are only
>> used for signing and verifying and not for encrypting, if the CA keys
>> are stored safely, there is no 'compromise'
>>
>> Are you distributing the keys as well?
>>
>> HTH
>>
>> Regards,
>>
>> Serge Fonville
>>
>>
>> On Tue, Sep 1, 2009 at 2:13 PM, Yin, Ben 1. (NSN - CN/Cheng
>> Du)<ben.1....@nsn.com> wrote:
>>> I only want to verfiy the signature (I mean the procedure when sub ca
>>> sign the certiticate). So I guess sub ca and certification should has
>>> enough info to do it because we needn't root ca when we use sub ca to
>>> sign the certificate.  Is there a way for this requirement? Thanks.
>>>
>>>
>>> Br
>>>
>>> Ben
>>>
>>> -----Original Message-----
>>> From: owner-openssl-us...@openssl.org
>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Yin, Ben 1.
>>> (NSN - CN/Cheng Du)
>>> Sent: Tuesday, September 01, 2009 3:06 PM
>>> To: openssl-users@openssl.org
>>> Subject: RE: Verify certificate using subordinate ca
>>>
>>> Hi Serge,
>>>
>>> My intention is to keep my root ca out of compromise. We want to use sub
>>> ca to splite the domain in the our whole network. Then, we can easy to
>>> re-sign a new sub ca and publish it if we find one domain sub ca was
>>> compromised. And if we expose the the root ca to public ,it hard to
>>> maintain if root ca was cracked.
>>>
>>> And as you said, "create a new chain and let sub ca as root", I don't
>>> know how to do it. In my testing, I set verify depth to 1. I guess it
>>> will make chain only include certificate and sub ca. the testing show
>>> that the openssl still try to find the issuer of sub ca, and so the
>>> verification was failed.
>>>
>>> Here is the output:
>>>
>>>  -with certificate at depth: 1
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>  subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>  err 20:unable to get local issuer certificate
>>> -with certificate at depth: 1
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>  subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>  err 27:certificate not trusted
>>> -with certificate at depth: 0
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>  subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab.
>>>  err 27:certificate not trusted
>>>
>>> And FYI. Here is the complete chain verfication output.
>>>
>>> -with certificate at depth: 2
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>  subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>  err 0:ok
>>> -with certificate at depth: 1
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA
>>>  subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>  err 0:ok
>>> -with certificate at depth: 0
>>>  issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA
>>>  subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab.
>>>  err 0:ok
>>>
>>> Thanks.
>>>
>>> Br
>>>
>>> Ben
>>>
>>> -----Original Message-----
>>> From: owner-openssl-us...@openssl.org
>>> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville
>>> Sent: Tuesday, September 01, 2009 2:14 PM
>>> To: openssl-users@openssl.org
>>> Subject: Re: Verify certificate using subordinate ca
>>>
>>> Hi,
>>>
>>> Hmm...
>>>
>>> I've had the same issue.
>>> Basically it came down to "how do you know if the sub is reliable if
>>> you do not know whether to trust the root?"
>>> If you do not wish to have the root as part of the chain, create a new
>>> chain where the sub is the root
>>> What is the reason you do not want to use the root in the chain check,
>>> but it should be part of the chain?
>>>
>>> HTH
>>>
>>> Regards,
>>>
>>> Serge Fonville
>>>
>>> On Tue, Sep 1, 2009 at 1:04 PM, Yin, Ben 1. (NSN - CN/Cheng
>>> Du)<ben.1....@nsn.com> wrote:
>>>> Hi,
>>>>
>>>> It there a way to verify certificate with out root ca? I have 4
>>> certificate:
>>>> rootca.pem is the root ca (self signed). subca.pem was signed by
>>> rootca.pem.
>>>> cert1.pem & cert2.pem was signed by subca.pem. I was supposed to
>>> configure
>>>> the client and server using subca.pem as ca, and cert1.pem & cert2.pem
>>> as
>>>> certificate. It seem that openssl still try to find rootca.pem to
>>> verfiy
>>>> subca.pem when handshake. But I don't what root.pem can bo accessed
>>> for
>>>> keeping it safe. So It there a way to verify certificate with out root
>>> ca,
>>>> only using sub ca and certificate signed by sub ca? Thanks.
>>>>
>>>> Br
>>>>
>>>> Ben
>>> ______________________________________________________________________
>>> OpenSSL Project                                 http://www.openssl.org
>>> User Support Mailing List                    openssl-us...@openssl.org
>>> Automated List Manager                           majord...@openssl.org
>>> ______________________________________________________________________
>>> OpenSSL Project                                 http://www.openssl.org
>>> User Support Mailing List                    openssl-us...@openssl.org
>>> Automated List Manager                           majord...@openssl.org
>>> ______________________________________________________________________
>>> OpenSSL Project                                 http://www.openssl.org
>>> User Support Mailing List                    openssl-us...@openssl.org
>>> Automated List Manager                           majord...@openssl.org
>>>
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-us...@openssl.org
>> Automated List Manager                           majord...@openssl.org
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-us...@openssl.org
>> Automated List Manager                           majord...@openssl.org
>>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-us...@openssl.org
> Automated List Manager                           majord...@openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-us...@openssl.org
> Automated List Manager                           majord...@openssl.org
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to