[cryptography] airgaps in CAs

Arshad Noor arshad.noor at strongauth.com
Mon Dec 12 21:57:47 EST 2011

On 12/8/2011 8:16 PM, Peter Gutmann wrote:
> Arshad Noor<arshad.noor at strongauth.com>  writes:
>> Every private PKI we have setup since 1999 (more than a dozen, of which a few
>> were for the largest companies in the world) has had the Root CA on a
>> non-networked machine with commensurate controls to protect the CA.
> What about TSAs, where you need a key with an irrevocable cert active on a
> machine directly connected to the Internet?

A TSA is not a CA; it is just another end-entity whose certificate
can be revoked, if necessary.  This does not necessarily invalidate
the signed time-stamps it issued before the revocation date (unless
the TSA's CP indicates another interpretation).  I'm not sure where
the "irrevocable cert" for a TSA comes from.

Only one of the PKIs we setup came close to needing a time-stamp for
legal reasons - all others were more concerned with just increasing
their infrastructure security rather than with legal bindings.  (All
customers did use NTP to synchronize network-connected machines; some
had their own GPS receivers to setup internal NTP servers, so their
notion of "time" was reasonably reliable).

However, even this single PKI that could have used a TSA did not
establish/use a TSA, because the process controls for digitally
signing a document were sufficiently onerous (required in the
pharmaceutical industry) to create the necessary "paper trail" to
verify a signed document's existence at a specific point-in-time.
Consequently, there was no need to setup/use a TSA.

Arshad Noor
StrongAuth, Inc.

More information about the cryptography mailing list