[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key recovery options for PKIX-3 CAs?
>*Not speaking ex-cathedra*
> Yes, centralized generation and certification of a key pair must be
> supported by CAs (this is an important requirement for some
> environments). Key archival and key recovery services are optional and
> need not be supported by PKIX-3-conformant CAs.
>What (Internet Relevant) environment requires centralized key generation?
>What benefit (over client generated keys) does it provide?
A considerable number of commercial users do not feel that existing client
software/operating systems are either sufficiently secure or
cryptographically sound enough to entrust them with the key generation
function. They may prefer to use a high-quality hardware random number
generator, rather than risk some of the problems uncovered by the Netscape
key generation problem for example. This is completely independent of the
issue of key recovery, but only has to do with the quality of the key
generation process. Since these same commercial users are rapidly migrating
to the Internet, I assume the Internet-relevancy is obvious.
In addition, regardless of what stance various governments might take, some
corporations have strong requirements for their own key recovery, to ensure
the survivability of the business. Depending on the circumstances, they may
choose not to trust the user to perform his own key recovery, but may insist
on mandatory key recovery being performed at the server (or elsewhere). Some
have even expressed the desire that such key recovery NOT be configurable,
as they don't even want to have to trust their system administrators.
(This might sound paranoid, bu remember that corporate officers and the
directors may be PERSONALLY liable to the stockholders if a disaster occurs
that they could have anticipated as a reasonable possibility, and if they
knew of, but failed to exercise, suitable precautions to prevent it. We are
talking about megabucks of personal liability here -- not something to
As I noted in my previous message, "centralized" does not necessarily imply
that key generation is done at the CA. It could be done at lots of different
places that are remote from the client software. The key generation
protocols should be generalized to support a request for key generation at a
remote site, regardless of where that site happens to be -- a KRC, a CA, or
on a corporate server.