[cryptography] [SSL Observatory] Diginotar broken arrow as a tour-de-force of PKI fail

Ian G iang at iang.org
Tue Sep 6 12:18:40 EDT 2011

On 6/09/11 1:07 PM, Peter Gutmann wrote:

>> This is true, but I'm not sure it's particularly relevant. (Who claims that
>> HSMs are magic pixie dust?)
> CAs, when they issue a press release saying "everything's OK, we never lost
> control of our private key"?  Some European countries also seem to have a
> near-fixation on smart cards for certificate use when they really only
> contribute epsilon to the overall security.

Just on this one point alone:  the European QC project is about smart 
cards, full stop.  It can be seen as a European-wide rollout of 
individual signing cards for all European citizens, backed up through 
the Digital Signing Directive and government controlled quality measures.

For European CAs, the SSL certificate is a sort of vestigial add-on, 
which is now seen in the DigiNotar affair.  In contrast, the American 
tradition is almost all about SSL certificates, and individuals are the 
poor scruffy cousin.

> The point is that security is
> more than just an HSM or smart card.

In this European context, the use of smart cards or HSMs to protect the 
signing key is a marketing certainty and not a risk management decision. 
  That is, if the client keys are "protected" by a smart card by legal 
dictat, then the signing key needs to be at least that well protected.


More information about the cryptography mailing list