Presentation is loading. Please wait.

Presentation is loading. Please wait.

Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn

Published byDestini Woulfe Modified over 9 years ago

Similar presentations

Presentation on theme: "Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn"— Presentation transcript:

1 Extended Validation Models in PKI Alternatives and Implications Marc Branchaud marcnarc@rsasecurity.com John Linn jlinn@rsasecurity.com

2 2 Overview Existing PKI practices Delegated path processing Cross-domain delegated validation Implications and future directions Conclusions

3 3 Existing PKI Practice: CRLs Original assumptions Online, untrusted Directory as repository Intermittent inter-site connectivity Trusted authorities (CAs) kept off-line Path discovery & validation is client- based, using data from repository and messages Limitations include timeliness, large volumes of data to manage and transport

4 4 Traditional PKI Clients do all the work Client PKI Client Application Path Discovery Status Resolution Certificate Processing Cert OK? Find Path Path Certs Cert status? Y/N Yes / No CRLs Trusted CAs Policies Path Verification Path OK? Y/N Repository

5 5 Existing PKI Practice: OCSP OCSP is seeing widespread adoption CAs delegate to OCSP responders that provide signed revocation information Designed to enable migration from CRLs Preserves client-based processing model, many semantics Allows improved timeliness Scope constrained to revocation status, not full validation of certificates or paths

6 6 Online Certificate Status Clients no longer have to manage status Client PKI Client Application Certificate Processing Cert OK? Yes / No Trusted CAs OCSP Server Repository Certs CRLs Policies Path Discovery Status Resolution Find Path Path Status? Good / not Path Verification Path OK? Y/N

7 7 DPD Server Delegated Path Discovery Clients no longer have to discover paths Client PKI Client Application Cert OK? Yes / No Repository Certs CRLs Path Discovery Status Resolution Cert + CAs, policies Path Verification Certificate Processing Trusted CAs Policies Path + Status evidence OCSP Server OCSP replies Status? Good / not

8 8 DPV Server Delegated Path Validation Current DPV proposals are to offload verification too Client PKI Client Application Certs CRLs Path Discovery Status Resolution Cert OK? Certificate Processing DPV Server Key Yes / No Path Verification Repository OCSP Server OCSP replies Policies Trusted CAs Real Trusted CAs Real Policies

9 9 Delegated Path Validation Advantages of DPV model: Vastly simpler client applications Centralized domain administration Disadvantages of DPV model: Online  availability & security issues Convenient monitoring point (privacy)

10 10 Trust and DPV The DPV server is the trust anchor Easier to manage authority compromise The DPV server is the trust dictator Clients do not validate the server’s “correctness” Client inputs are merely hints Still useful for client to identify context

11 11 Delegating Trust Across Domain Boundaries DPV servers consult other domains’ services to build responses to queries Clients rely on their DPV server to select the right sources to validate arbitrary certificates Different DPV servers’ views may differ Validation combines issuer domain information (certificates and status) with RP domain policies

12 12 Delegated Validation Across “Trust Fronts” Relying Party RP’s DPV B’s DPV A’s OCSP Relying Party control Issuer A control Issuer B CA A’s DPV Issuer B control Issuer A CA

13 13 Chained: Client gets authoritative reply via intermediary Intermediaries on path may be included Referred: Clients redirected to authoritative server Responses may be traceable to it Recursive: Each server aggregates data and generates its own responses Limited traceability Forms of Delegated Validation

14 14 DPV Implications for Cross-Certificates Domains can consider inter-domain trust relationships in formulating their DPV responses Fine-grain activation of trust relationships Available only for some clients Available only in some circumstances Like having multiple cross-certificates between domains

15 15 DPV Implications for Revocation Path construction actively involves intermediate domains Domains can consider status in formulating their responses No need to explicitly query for status Status is simply another factor in the availability of certain paths There is no path to a revoked certificate

16 16 DPV Implications for Certificates Queries eventually reach the issuer Necessary to obtain certificate status Issuer can assert more than just status Could respond with individual certificate elements, e.g.: Subject’s DN changes after cert is issued Can return new DN in DPV response Could even return subject’s public key  No revocation publishing at all

17 17 DPV Implications for Certificates In the limit, certificates become obsolete Certificate-free PKI: Authorities assign identifiers to entities’ public keys Entities present identifiers instead of certs RPs resolve identifiers to public keys via fully-delegated DPV XKMS already supports URLs for keys Active assertions are a new paradigm for PKI – X.509 didn’t consider them

18 18 Conclusions Current trend towards simplifying PKI clients challenges basic assumptions Delegating trust & distributing validation creates active authorities and intermediaries Introduces new issues: availability, latencies Facilities to constrain trust gain prominence Implications for revocation, certification Caveat adopter!

Download ppt "Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn"

Similar presentations

An Alternative to Short Lived Certificates By Vipul Goyal Department of Computer Science & Engineering Institute of Technology Banaras Hindu University.

An Alternative to Short Lived Certificates By Vipul Goyal Department of Computer Science & Engineering Institute of Technology Banaras Hindu University.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
A responsibility based model EDG CA Managers Meeting June 13, 2003.

A responsibility based model EDG CA Managers Meeting June 13, 2003.
Certificates Last Updated: Aug 29, 2013. A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
1 Lecture 13: Public Key Infrastructure terms PKI trust models –monopoly with registration authorities with delegated certificate authorities –oligarchy.

1 Lecture 13: Public Key Infrastructure terms PKI trust models –monopoly with registration authorities with delegated certificate authorities –oligarchy.
Validation Algorithms for a Secure Internet Routing PKI David Montana Mark Reynolds BBN Technologies.

Validation Algorithms for a Secure Internet Routing PKI David Montana Mark Reynolds BBN Technologies.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.

1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.

Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.

Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

Similar presentations

Ads by Google