Seifenkasten – Jens Jensen (STFC/RAL), Berlin PMA, Jan 2015

Presentation transcript:

Slide 1: Seifenkasten
Jens Jensen
Berlin PMA, Jan 2015

Slide 2: CA processes – overview
Jens Jensen, STFC/RAL
Key generation and storage (qv)
Receiving requests (CSR, CRR, …)
Validating requests
Archiving request metadata
Signing certificate/CRL
Supporting certificate “in the wild” (qv)
Audit processes
Person stuff: users, operators, authorisers
Support processes (helpdesk, email/phone)
Post-expiry support (qv)

Slide 3: CA processes – detail
Key generation and storage
– Generation of trustworthy key pair
– Storage of “working copy” and activation data
  E.g. HSM, or offline
  Physical protection
– Storage of backup copies
  Who can access backup copies – n-of-m
– Knowledge of code/processes

Slide 4: CA processes – details
Supporting certificate “in the wild”
– Certificate status
– Revoked when needed, or other incident handling
– Extensions to support its use in middleware
– Crypto to support its validity/lifetime
– Timely renewal and rekey
Post-expiry support
– Validity (e.g. for digital signatures)
– Late renewal/rekey

Slide 5: Question(s)
How brittle are these processes?
What sort of things make them break?
– Is it bad if they break?
– Can we mitigate breakage?
– Can they be made less fragile?
– Are we making them less fragile, or more?
– How easy is it to make them robust?
History: have they broken before?

Slide 6: History – have they broken before?
Key generation and storage
Deployment processes (rollout and retiring CA certs)
Backups (backing up b0rken data)
Receiving requests (CSR, CRR, …)
Validating requests
Archiving request metadata
Signing certificate/CRL
Supporting certificate “in the wild”
Audit processes
Intrusion – attacker breaking into the system
Support processes (helpdesk, email/phone)
Post-expiry support
Few incidents are generic

Slide 7: Why stuff breaks
Brittle software
– “Liberal in what it sends, conservative in what it accepts”
– Resistant to changes
– Tested on narrow cases
– Complexity
– Adding “features” instead of robustness

Slide 8: Why stuff breaks
Person problems
– Don’t know the right process
– Can’t be bothered
– Shortcuts – under pressure from a senior person, or from time
– Trying to be “helpful”
Dumb downstream design
– E.g. (a) CA retirement process, (b) reliance on issuer name, (c) checking for “expired” CRLs (even if no certs are issued)

Slide 9: Why stuff breaks
Usual software design/implementation/test reasons
Unknowns – back doors, unexpected risk
Attacks (e.g. by bots, script kiddies)
Lack of funding, lack of skills
Hacks
– Often necessary, but can be brittle
– Can break software updates
All software development is hard to do properly
– Particularly science code?

Slide 10: How can we make stuff less brittle?
Sharing: documented stuff that works, code, processes
– Sharing IdPs
– Sharing code – we kind of failed to do that
Security analysis/testing
Rewrite / reimplement
– Make use of trustworthy components
Design to be robust (“anti-fragile”?)
(How good are we at doing this?)

Slide 11: How can we make stuff less brittle?
Outsource: use a commercial supplier
More nagging? (RP software)
Learn from failures
– Share incidents – and near misses?
Reviews help new CAs
Compare CAs like DigiCert
– that can put Real Funding™ behind the problem

Slide 12: How can we really make stuff less brittle?
Focus on stuff that works…
GFD.225 and other best-practice documents
– “Not another unmaintained document”
Science can do proper code development
– Regression tests, robust by design
– Preproduction testing, change control
– Just not done by default
What else?

Slide 13: How open can we be about “incidents”?
– How useful will a writeup be to others?
– Few generic incidents; only CA-specific ones are of interest
Separate into areas:
– crypto
– technology
– person “incidents”
– software dev
