[cryptography] airgaps in CAs
arshad.noor at strongauth.com
Mon Dec 12 21:57:47 EST 2011
On 12/8/2011 8:16 PM, Peter Gutmann wrote:
> Arshad Noor<arshad.noor at strongauth.com> writes:
>> Every private PKI we have setup since 1999 (more than a dozen, of which a few
>> were for the largest companies in the world) has had the Root CA on a
>> non-networked machine with commensurate controls to protect the CA.
> What about TSAs, where you need a key with an irrevocable cert active on a
> machine directly connected to the Internet?
A TSA is not a CA; it is just another end-entity whose certificate
can be revoked, if necessary. This does not necessarily invalidate
the signed time-stamps it issued before the revocation date (unless
the TSA's CP indicates another interpretation). I'm not sure where
the "irrevocable cert" for a TSA comes from.
Only one of the PKIs we setup came close to needing a time-stamp for
legal reasons - all others were more concerned with just increasing
their infrastructure security rather than with legal bindings. (All
customers did use NTP to synchronize network-connected machines; some
had their own GPS receivers to setup internal NTP servers, so their
notion of "time" was reasonably reliable).
However, even this single PKI that could have used a TSA did not
establish/use a TSA, because the process controls for digitally
signing a document were sufficiently onerous (required in the
pharmaceutical industry) to create the necessary "paper trail" to
verify a signed document's existence at a specific point-in-time.
Consequently, there was no need to setup/use a TSA.
More information about the cryptography