If the certificates issued by such a CA are only used to authenticate users of (for example) a web forum, the CA can be run by the web forum operator -- you trust her to keep her forum relatively secure, but you don't trust her with your bank account password...
In that case, the relying party is the issuer, so there's no need for you to have an SLA (since it'd be just a shorthand for putting in your credentials, all that would be needed would be a forum plugin that listened on https and either accepted a certificate (and thus created the session for the account named in the certificate from the mutual authentication) or asked for username and password, requiring an additional round trip to establish the session. If the CA key in this case were compromised, the forum operator could simply revoke it, create a new one, and all the users with certs signed by the now-defunct CA would just have to enter their usernames and passwords and get new authentication certificates. There are MANY reasons why insisting on certificates only being used for commercial stuff is outright idiotic, not the least reason of which is that there's no "sandbox" where they can play with this technology without fear of unknown consequences. That is a necessary precursor to wide acceptance -- the ability to play around without actual money necessarily being involved. -Kyle H On Friday, January 15, 2010, John R Pierce <pie...@hogranch.com> wrote: > Kyle Hamilton wrote: > > I truly, truly wish that people would stop thinking themselves into > the "crypto box". > > A CA needs to be only as secure as the things that its certificates > secure. In this case, if they're trying to create user authentication > certificates for their customers so that they can have the full > benefits of mutual authentication (which benefits include immunity > from the recent prefix-injection attack, among others), why shouldn't > their issuing CA be online? No entity other than their authentication > server needs to trust that CA. > > > > yes, butt if the root private key used by this CA gets compromised, then you > can no longer trust anything it signed. I would not entrust any sort of > authoritative private key to a system on which I didn't have some sort of SLA > with all parties who had access to the systems and storage. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
