Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
News

Creating Your Own CA 31

Posted by michael from the snake-oil-enterprises dept.
lisam writes "Rob Flickenger shows how to become your own Certificate Authority, and sign your own, or others', SSL certificates in this onlamp.com article. (He also manages to mention fnords and deny responsiblity for the Microsoft Corporation cert snafu.)"
This discussion has been archived. No new comments can be posted.

Creating Your Own CA More

Creating Your Own CA

Comments Filter:

  • This is important, but... (Score:5, Insightful)

    by rw2 ( 17419 ) on Tuesday February 11, 2003 @03:17PM (#5282433) Homepage
    It's important the people understand how to do this, but what is missing is some way to understand whether or not to trust a CA. Until your grandma can trivially decide to trust rw2's CAnonical Enterprises, Inc. signing by anyone but the handful of big boys is the most reasonable thing to do.

    • I've thought the only way for a new entity to establish a trust relationship is to tie into some existing entity with a surety bond.

      If rw2 CAnonical Enterprises, Inc. could convince me that some chunk of money backed up any and all claims of their identity, then I'd be willing to transact business using them.

      But I don't see how to do this unless the existing entity is a bank. From what I understand, becoming a bank is no trivial task.

      • But I don't see how to do this unless the existing entity is a bank. From what I understand, becoming a bank is no trivial task.

        Well, you could always become a bank without becoming a bank... <cough>paypal</cough>
    • Reasonable in that it is easiest, yes. Reasonable that it is the most financially viable option, not necessarily. Not if you need a *lot* of certificates, like I do. Reasonable, to pay VeriSign's extortion? No. No on principle. There is no loss of encryption in not using an "big boy" (which I mean to be an established CA). My ssl is just as secure, in terms of encryption. My only disadvantage is that my visitors have to trust that I am me; I don't have to have VeriSign vouch for me. Arguably, since my CA private cert is in a safe, I am *more* secure, cause I don't have to worry about Verisign F-ing up like they did with MS.
      • My only disadvantage is that my visitors have to trust that I am me

        Kind of a big disadvantage one might think...

        Calling it extortion is innacurate, they have trust and that's a big thing. If it were easy to duplicate someone would have done so and competition would drive prices down.

        Arguably, since my CA private cert is in a safe, I am *more* secure

        You can argue that, but it's a loser. People are far, far more lax about security than verisign is.
        • Kind of a big disadvantage, one might thing...
          Heh. Yup. No doubt about that. But, I think, easily dealt with in my specific circumstances (or I obviously wouldn't go that route)

          Calling it extortion is inaccurate, they have trust and that's a big thing. ...

          It is not trust that they have. It is the fact that they are installed in browsers out of the box. I don't trust VeriSign; neither does my grandmother; she's never heard of them. But Microsoft (et al.) have decided for her that VeriSign, Thawte, etc are trustworthy.

          You can argue that, but it's a loser. People are far, far more lax about security than verisign is.

          What the hell? Verisign is a company. That is, Verisign is a bunch of people, operating in the form of a bureaucracy. Point A: people tend to get stupider in large numbers. Point B: Verisign has demonstrated on more than one occasion, and in more than one manner that they are careless and/or generally untrustworthy.

          Besides; we are not talking about "people" in general here ... I gave myself as a specific example; you know nothing of my security practices, how can you even begin to back up a statement that general?

          • It is not trust that they have. It is the fact that they are installed in browsers out of the box.

            They have the trust of the browser vendors. You say this yourself. This is no small bit of trust.

            What the hell? Verisign is a company. That is, Verisign is a bunch of people, operating in the form of a bureaucracy.

            That's right. And, regardless of whether you accept a Randian world view or not, each of those people are looking out for their own best interest. That means that security on the systems is likely to have been designed well, the audits to find holes are likely to have been done properly, the customer service has provided feedback to make it more likely that their product is used properly. On and on and on.

            Verisign has done a mostly excellent job of providing a robust service.

            Point A: people tend to get stupider in large numbers.

            This is simply false. People without common goals tend to do stupid things while sniping at each other. But to say that, for example, GE is doomed because people get stupider in large number is, well, stupid. It's not even a recent phenomena for heavens sake, the great wall of china was built by a large number of people, so were the pyramids. Those two are examples of engineering that is far from stupid.

            Point B: Verisign has demonstrated on more than one occasion, and in more than one manner that they are careless and/or generally untrustworthy

            I disagree with this. Showing me one example (the microsoft one) doesn't show that they are 'generally' untrustworthy. And more to the point, it certainly doesn't come close to the level of proof needed to show me that they are less trustworthy than having 100 million net users manage their own private keys.

            Besides; we are not talking about "people" in general here ... I gave myself as a specific example; you know nothing of my security practices, how can you even begin to back up a statement that general?

            I didn't say *you* couldn't, though I doubt you can unless you work in security. I work on the fringes of security everyday and am glad that kerberos, and the professional security types at my lab, are managing my keys instead of me.

    • Re:This is important, but... (Score:5, Insightful)

      by Sloppy ( 14984 ) on Tuesday February 11, 2003 @03:48PM (#5283060) Homepage Journal
      No one can really answer that, because there isn't any way for Grandma to know whether or not she can trust a CA. Even if it's the big guys or if it comes with her browser. I mean, from Grandma's point of view, who the hell is Verisign and what did they ever do to merit trust? At best they're just some faceless corporation she's never heard of or dealt with. A cracker CA named "Integro-Trust Digital Signature National Registry (Fidelity Verified)" would have an even better-looking name than "Verisign."

      I don't think you can have real trust without users understanding how things work. Grandma is screwed.

      • Let's face it, Grandma doesn't know squat about trust, in this context. She probably doesn't even know that the concept is important. We're doing well to make sure that Grandma looks for the little lock in the corner of the browser whenever she enters private information.

        As for trust, Grandma trusts whoever set up the computer for her, and it effectively means that she trusts Microsoft and/or Netscape (or maybe Opera) for putting those little locks on her browser.

        Are there any legal issues to violating the chain of trust implied by that little lock in the corner? Obviously if money is stolen, there are laws in place. But what about the trust, itself?

  • Why? (Score:4, Insightful)

    by Itsik ( 191227 ) <moc.em-ta-urugimed> on Tuesday February 11, 2003 @03:19PM (#5282445) Homepage
    The information that the article mentions above, has been readily available on line in various howto's.
    Just follow the instructions that come with OPEN SSL or MOD_SSL.

    Why is it that slashdot found it 'news' worthy?

    • Pretty disappointing. Anyone at /. that is interested in CAs and such should already be aware that OpenSSL has all the functions for manipulating the various file formats involved if you have the time to grok the command line interface to all of this.

      I can give you more help right here and clear up some stuff they glossed over. First, a certificate is not a public key, but it includes the public key, and it is signed by the private key of the Certificate Authority (CA). In the example, a 'root' or self-signed certificate is created. The private key is typically password protected when it is stored (you can see it prompting for that password in the script).

      He doesn't show you what you have to do to create the '.csr' file that is used to create the actual site certificate, but this is what is called the Certificate Request. Also, the '.key' file should be created in a separate step. The process is that when someone wants a certificate, they generate a request on their computer that includes all the 'name' information (as displayed in article) and the public key. The private key is generated at the same time, but it should never leave the site generating the request, and additional steps should be taken to protect it from being exposed. The article implies that the key pair is generated by the command given, but I don't think it is (a separate step is needed to create the .csr file, and it should be created then).

      A few more notes: your new '.crt' (the certificate) file will show up in 'newcerts' (if not, then 'certs'), the 'serial' file is the serial number of the next (or last) cert issued, and the 'crl' subdir is for the "Certificate Revocation List" all CAs should have one, and it should list all the certificates issued by this authority that have been revoked (by serial number, I think). AFAIK, this is the biggest hole in the process. To correctly verify the validity of a cert, you should always check the cert's serial number against the CRL, but where to you get the CRL? There must be a standard way to get the current CRL from a CA, but does a browser or other client have any function to get it before validating a certificate? Nothing I've seen indicates that clients do this so I doubt whether revocation is ever effective in a practical sense.

      Now, what would be really cool is if someone wrapped the functions to create a certificate request with a few web pages and provided a howto describing how to set this up and really run your own CA. If I was doing it, I would keep the CAs private key on external media (a floppy or CD/R), and only put it in the system when I need it to sign certs and CRLs. Isolating the system you use for this is better, but you do still have to get the requests in and the certs or CRLs out.

      One final comment. It is just about impossible to actually protect the private key for a typical web server. Or at least protect it from root exploits. This is because you have to either not use a password so that your web server can restart without a password, or have some script that provides the password on startup of the web server. The only other choice is to have someone actually type it whenever a server needs to be restarted, and I don't have to point out here what a pain this would be for a big server farm.

  • Weak (Score:4, Informative)

    by Breakerofthings ( 321914 ) on Tuesday February 11, 2003 @03:36PM (#5282700)
    While I frequently find valuable information in Oreilly's articles, such as this one, this one is nothing but fluff; purely a plug for the author's book. The exact info is available in the docs that come with OpenSSL, as well as in the OpenSSL animal book.

  • Are you there Howard?

    Tekeli-li! Tekeli-li!

    All hail Discordia!

    Feh, sorry this was so lame, I couldn't think of anything really funny. I just couldn't resist after seeing the example names, locations, etc. he used.

Slashdot Top Deals

The reason computer chips are so small is computers don't eat much.

Close