Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certification Path Processing in the Tumbleweed Validation Authority Product Line Federal Bridge CA Meeting 10/14/2004 Stefan Kotes, Engineering Manager.

Published byGerard Montgomery Modified over 8 years ago

Similar presentations

Presentation on theme: "Certification Path Processing in the Tumbleweed Validation Authority Product Line Federal Bridge CA Meeting 10/14/2004 Stefan Kotes, Engineering Manager."— Presentation transcript:

1 Certification Path Processing in the Tumbleweed Validation Authority Product Line Federal Bridge CA Meeting 10/14/2004 Stefan Kotes, Engineering Manager

2 Agenda Tumbleweed company overview Certification path processing
Basics PKI Structures Path Processing – Tumbleweed Client PKI Applications Desktop Validator, Server Validator Path Processing – Tumbleweed Validation Authority Overview, VA Distributed Model Delegated Path Validation, Delegated Path Discovery Case Study – Bridge VA Bridge VA Properties, Central & Distributed Model, Bridge VA Benefits Tumbleweed Solutions Recap Questions ?

3 Company Overview Founded in 1993 Headquartered in Redwood City, CA
Currently over 250 employees worldwide IPO in 1999 (NASDAQ:TMWD) Tumbleweed and Valicert merged in June 2003 Global Presence 700+ Commercial and Federal Customers Technology innovators Identity Management Solution (Valicert Validation Authority) Secure, Automated, Guaranteed Data Transfers (SecureTransport) Secure Messaging & Content Filtering (MMS & SecureRedirect)

4 Tumbleweed Enterprise Solutions
Tumbleweed Offers PKI Validation Authority Secure Transport Secure Transport Secure/Automated Data Exchange Firewall Tumbleweed eliminates complexity, risk, & cost associated with multiple point solutions. Org Policy Based Protection A user via PC goes to the Internet (cloud). Behind the internet is a firewall (brick wall) that protects an organizations’ internal network (PCs and Server). Spam Protection In-Depth Reporting

5 Certification Path Processing
Basics: Digital Certificates – securely binding the identity of a person/device to a public key. Core responsibility of an application - verify the authenticity and validity of certificate. Certification Path Processing Functions Step 1: Creating chain of trust (establishing a certification path) Step 2: Validating the created certification path

6 Hierarchical Structure
Hierarchical PKI: Relying parties trust single “root” CA Root CA certifies public keys of intermediate CAs Certificates are issued only in one direction ( a CA never certifies superior CA ) Certification path building – simple typically forward build direction is used Compromise of trust root may compromise entire system Root CA and underneath it is intermediate CA’s that contain CA certificates and user certificate.

7 Bi-lateral Cross-Certified Structure
Cross-Certification: Root CA is issuing a certificate for the other PKI’s root CA Relying parties of each PKIs can verify and accept certificates issued by other PKI Multiple cross-certified PKIs create mesh PKI Number of relationships grows exponentially with number of PKIs Mesh PKI - creation of unintended certification paths Lack of commercial adoption Cross certification between two root CA’s that contain CA certificates and user certificate.

8 Cross-Certification with a Bridge CA
Role of Bridge CA: Bridge multiple existing PKIs Reduce number of trust relationships between CAs Equate different PKI policies How it works: Bridge CA cross-certifies with “principal” CA in each participating PKI. Each participating CA needs to cross-certify with only one other CA Number of certified relationships grows linearly Bridge CA Deployment Issues: Complex certification path building traversing multiple PKI directories following AIA extension supporting multiple validation mechanisms (CRLs, CRLdp, OCSP) building paths in forward and reverse directions Cross certification of Root CA with multiple CA’s that contain CA certificates and user certificate. Source: NIST Recommendation for X.509 Path Validation Version 0.5 May 3, 2004 and Internet X.509 Public Key Infrastructure Certification Path Building (DRAFT RFC)

9 Desktop Validator Architecture
Desktop Validator (Standard) is used to enable certificate status checking for Windows client applications, such as Microsoft IE, Outlook, Outlook Express, Office (for signed word and Excel documents), and other client applications that use CAPI. Microsoft Outlook, Microsoft IE 4.X + Browser, Microsoft Outlook Express, Adobe Acrobat Reader 7.x, and PureEdge Viewer make calls to Crypto API (CAPI). CAPI makes call to CAPI Trust provider (Tumbleweed Desktop Validator 4.x Standard Edition). Tumbleweed DV makes calls to Tumbleweed Valicert Validation Authority 4.x and LDAP directory.

10 Desktop Validator Architecture
Desktop Validator (Enterprise) is used to enable certificate status checking for Windows server applications, such as IIS, Exchange 2003 (for OWA), Domain Controllers (for smart card login), IAS (for wireless authentication), and other evolving secure servers using CAPI (e.g. Voice-over-IP) Microsoft IIS, Microsoft Exchange Server 2003, Microsoft Domain Controller, VoIP Servers, Microsoft IAS, and Microsoft Windows VPN make calls to Crypto API (CAPI). CAPI makes call to CAPI Trust provider (Tumbleweed Desktop Validator 4.x Enterprise Edition). Tumbleweed DV makes calls to Tumbleweed Valicert Validation Authority 4.x and LDAP directory.

11 Server Validator Architecture
Server Validator (SV) is used to enable certificate status checking for secure web servers. Server Validator is invoked during the SSL/TLS handshake when a client authenticates to a web server using an X509v3 certificate. SV is responsible for ensuring that the certificates in the certificate chain are valid (not revoked) Tumbleweed Server Validator (SV) 4.x works with the following: Oracle App. Server, Redhat Stronghold, Mac OS X, Apache, Netscape/Sun, Microsoft ISA, IBM Lotus Domino, BEA Weblogic, modSSL, NSAPI, ISAPI, DSAPI, Identity Asserter. Tumbleweed Valicert Validation Authority 4.x works with PKC# and CAPI. Server Validator works with a wide range of secure servers, and runs on Windows 2000/2003 and UNIX/Linux

12 DV/SV Path Processing Path Building in MS CAPI and Web Servers
MS CAPI and Web Servers currently do not allow path building to be delegated to trust providers or web server APIs Default path discovery must succeed before validation plugins are executed Path Validation in MS CAPI and Web Servers Not complete Default process differs among different Windows system (NT, 2000, XP, 2003) No certificate policy processing in Windows 2000 DV/SV Path Validation Follows RFC 3280 Provides the same functionality across al supported platforms Can refine and enforce stricter validation rules Based on C/C++ and Java Valicert Validator Toolkit

13 DV/SV Path Validation Steps
Completeness of mandatory Certificate Information Certificate Time Validity Name Chaining (Subject Name, Issuer Name) Key Identifier Chaining (Authority Key Identifier, Subject Key Identifier (SKID)) Certificate Integrity Check (valid signature) Critical Extensions Check Basic Constraints Validation Is certificate a CA or end-entity Certificate Chain Length (path length = 0 allows only end entity certificates) Name Constraints Validation Certificate Policy Validation (policy oid assertions)

14 Path Processing Standards
Desktop Validator and Server Validator have been tested by DoD Joint Interoperability Test Command (JITC) using the NIST test suite. - For DOD JITC site -- includes DoD JITC issued certificates of compliance Testing of DV/SV in 2003 utilized the ‘Conformance Testing of Relying Party Client Certificate Path Processing Logic 1.07 documents, which is the basis for the JITC application testing suite. Public Key Interoperability Test Suite (PKITS) Certification Path Validation Version 1.0 9/2/04 will be the basis of our future testing efforts for DV/SV. See for latest PKITS

15 VA Server Architecture
VA aggregates revocation data (CRLs) from multiple certification authorities (CA). VA-to-VA mirroring allows for efficient revocation data transfer between VA’s (especially useful for low bandwidth environments) VA can integrate with a variety of hardware signing module (HSM) vendors for secure signing of the OCSP response VA supports direct, VA delegated, and CA delegated trust models CA Vendor (AOL CMS, Baltimore Unicert, VeriSign Onsite, Netscape CMS, Microsoft CA, Entrust PKI, Sun CMS, Computer Associates, Cylink, RSA Security Keon, Open CA) publishes CRL on LDAP Server (Netscape Directory Server, Microsoft Active Directory, Critical Path Directory), pushes CRL over HTTPS via Tumbleweed Validation Authority 4.x and fetches CRL from Tumbleweed Publisher 4.x For VA white papers, see

16 VA Repeater Architecture “Distributed”
HTTP Client interfaces with the Validation Authority Repeater, the VA Repeater interfaces with the Internet, the Internet interfaces with a Validation Authority Repeater, the VA Repeater interfaces with the Validation Authority Responder (OCSP Server) via firewall or air gap. VA Responder interfaces with an LDAP Server (for CRL), a CA (for CRL), and a Hardware Signing Module (for signing). HTTP proxy caching is described in RFC 2616 (and the earlier RFC 1945) Online Certificate Status Protocol (OCSP) (RFC 2560) is used to check status of a certificate issued by a CA without requiring a client to obtain the CRL issued by that CA. OCSP uses HTTP as its transport protocol. By excluding the nonce from OCSP requests, OCSP queries over HTTP are cacheable. A Responder can pre-produce signed OCSP responses (section 2.5 of RFC 2560) A Repeater can accept pre-produced OCSP responses published by a Responder. A Repeater can forward OCSP queries to a Responder on-demand or a repeater can mirror pre-computed OCSP caches periodically from the responder.

17 Path Processing in Validation Authority
VA Path Processing Path Processing in Validation Authority All previous examples show "fat" PKI client application What about "thin" clients like phones, PDAs working in constrained execution environments ? Solution is the Simple Certificate Validation Protocol (SCVP) which offers server assisted path discovery and validation. Clients have two options: Delegated Path Validation (DPV) DOD’s DMS using SCVP CAM ( use of SCVP Delegated Path Discovery (DPD)

18 Delegated Path Processing
Delegated Path Discovery (DPD): Getting certificate chain and revocation information (CRLs, OCSP responses) in single request Client performs path validation Authenticated DPD response is optional Certificate Sources for Delegated Path Discovery: Local certificate stores (files, CAPI stores) LDAPv3 Directory Authority Information Access extension Validation Authority Server

19 Delegated Path Processing
Delegated Path Validation: Verifies is requested certificate is valid according to specified validation policy DPV response must be authenticated Revocation Info Sources for Delegated Path Validation: CRLs from Certification Authorities OCSP responses from Tumbleweed Validation Authority, or other OCSP responder Real-Time or Pre-Computed

20 Bridge VA Bridge Bridge CA VA Phone Wireless Gateway
3. Chain Building, Policy Processing, Status Checking Bridge CA Bridge VA 0. Load Local Policies 2. Certificate Validation Request (using SCVP) 4. Certificate Validity (after applying the Bridge CA’s policies) Bridge CA interfaces with the Bridge VA. Bridge VA interfaces with the Wireless Gateway (Relying Party). Phone (Cert Holder) interfaces with the Wireless Gateway. Wireless Gateway (Relying Party) Phone (Cert Holder) 1. Send Data with Certificate 5. Accept/Reject Transaction

21 Properties of Good Bridge VA
Bridge VA Requirements Ability to deal with multiple CAs and Directories Flexible search mechanisms (when looking for certificates) Support for multiple certificate validation mechanisms: OCSP (Real-Time, Pre-Computed, Identrus model, …) CRL, CRLdp Ability to enforce Bridge CA Policies Flexibility in its ability to handle local policies High performance with high security

22 Deployment Model: Central Bridge VA
A single Bridge VA running next to Bridge CA Implements Bridge CA policies Common service for all relying party applications Bridge CA CA1 Domain Bridge CA CA1 Root 2. Validation Request (Root = CA1) Bridge VA Relying Party 3. Validation Response 1. Transaction + Certificates CA2 Domain CA2 Root CA1 Domain contains the CA1 Root, and the Relying Party (trust path between the Bridge CA and the Bridge VA). Bridge CA contains the Bridge CA and the Bridge VA (trust path between the Relying Party and the CA2 Root). CA2 Domain contains the CA2 Root and the Client Application (trust path between the Relying Party). Client Application 0. Issues Certificate Trust Path

23 Deployment Model: Distributed Bridge VA
An organization can decide to run its own Bridge VA to overwrite the rules and policies of the Bridge CA Local Bridge VA can trust other CAs, not trust some central ones Domains that follow Bridge CA policies completely do not need their own Bridge VA Bridge CA CA1 Domain CA1 Root Bridge CA CA1 Bridge VA Bridge VA 2a. Consultation 3. Validation Response 2. Validation Request (Root Unspecified) CA2 Domain CA2 Root Client Application 1. Transaction + Certificates 0. Issues Cert. CA1 Domain contains the CA1 Bridge VA, the CA1 Root, and the Client Application (trust path with the Bridge CA & the Bridge VA). Bridge CA contains the Bridge CA and the Bridge VA. CA2 Domain contains the CA2 Root and the Client Application (trust path with the CA1 Domain). Client Application Trust Path

24 Easier interoperability across CAs
Benefits of a Bridge VA Simplifies client application path processing Gives more control over path discovery and path validation through centralized policy enforcement Easier interoperability across CAs Performance benefits for client applications Future-proofing of applications

25 Tumbleweed Validation Solution Recap
Our Validation Authority solution offers a variety of validation protocols (OCSP, SCVP, CRL, CRL DP, CMP, etc.) to choose from, allowing maximum flexibility in customer deployments Open standards based (IETF RFC 2560, 3280, NIST FIPS 140-1) Desktop Validator and Server Validator available for multiple platforms and applications Validator Toolkit available for Win32, Solaris, HP-UX, AIX, MacOS, Linux DOD JITC Tested & FIPS Certified NIAP Common Criteria (EAL3) underway

26 Resources Contact information: Stefan Kotes Validation Authority, Client Applications - Engineering Manager Product Information and White Papers – Main Product web page - Security Compliance Information

Download ppt "Certification Path Processing in the Tumbleweed Validation Authority Product Line Federal Bridge CA Meeting 10/14/2004 Stefan Kotes, Engineering Manager."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn

Extended Validation Models in PKI Alternatives and Implications Marc Branchaud John Linn
Deploying and Managing Active Directory Certificate Services

Deploying and Managing Active Directory Certificate Services
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.

SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Understanding Active Directory

Understanding Active Directory
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Similar presentations

Ads by Google