[cryptography] How much does it cost to start a root CA ?

Ryan Sleevi ryan+cryptography at sleevi.com
Sun Jan 6 01:48:17 EST 2013


On Sat, January 5, 2013 10:10 pm, John Case wrote:
>
>  Jon,
>
>  Many thanks for this very informative post - really appreciated.
>
>  Some comments, below...
>
>
>  On Sat, 5 Jan 2013, Jon Callas wrote:
>
> > Now that $250K that I spent got an offline root CA and an intermediate
> > online CA. The intermediate was not capable of supporting workloads that
> > would make you a major business. You need a data center after that, that
> > supports the workloads that your business requires. But of course, you
> > can grow that with your customer workload, and you can buy the
> > datacenter space you need.
>
>
>  You're the second person in this thread to mention hardware and datacenter
>  costs ... and while I don't want to drift too far into a blood and guts
>  sysadmin rundown, I am curious...  Are you talking about the customer
>  facing, retail side of things with the webservers and the load balancers
>  and all of the things that make a "robust web presence" or are you talking
>  strictly the x.509 components ?
>
>  Because it seems to me (naive ?) that even a very high volume x.509
>  signing operation is ... maybe a pair of good 1u servers and a rack at a
>  decent (sas70/pci/blah/blah) datacenter ... ?  Ok, a firewall and maybe
>  some IDS system ... but we're still only a handful of 1u boxes and a
>  quarter of a rack...
>
>  Perhaps it's this kind of thinking that leads to failed audits :)

It will, it does, and the information is readily available from the
previous post.

https://www.cabforum.org/Baseline_Requirements_V1_1.pdf Sections 14
through 16

Additionally, https://www.cabforum.org/Network_Security_Controls_V1.pdf
describes a series of controls jointly developed by the browsers and CAs.
While I'm not aware of any Browser program requiring them *yet*, I think
any person concerned about the trust online would say "Yes, these are all
sensible requirements" - stuff that should be obvious for any entity
granted the ability to affect global Internet trust.

You can further find the details of the *existing* requirements for
Physical Security by looking through the recognized Audit programs, such
as WebTrust. See http://www.webtrust.org/homepage-documents/item54279.pdf
- in particular, Sections 3.4 and 3.5

Is it a perfect system? No. But even if the CA/Browser Forum is not fully
open (yet?), improvements can certainly be made to and through Mozilla,
given the openness and transparency that they maintain with their root
certificate policies.
https://lists.mozilla.org/listinfo/dev-security-policy as always - where
you can discuss things such as Mozilla's proposed policy changes,
http://www.mozilla.org/projects/security/certs/policy/WorkInProgress/InclusionPolicy.html

>
>
> > There are rumors, which you've read here about how there are lots of
> > underhanded obstacles in the way of becoming a CA. My experience is that
> > the only underhanded part of the industry is that no one in it dispels
> > the rumors that there are underhanded obstacles in your path. This is
> > pretty much the first time I have, so I suppose I'm as guilty as anyone
> > else.
>
>
>  That's nice to know, and I'm heartened that all the way into 2012 this is
>  still the case, but ... boy oh boy does this look and smell like a
>  marketplace ripe for monopolization and a cartel ... it's almost a classic
>  case.
>
>  I think the presence of a major browser that is a community, independent
>  effort is an interesting wrinkle, and the fickleness of the browsing
>  public (how fast did chrome shoot up the charts ?  Safari ?) adds a
>  wrinkle too, but ... there's no way the large, entrenched players aren't
>  sitting around thinking "gee we have a nice thing going here..."  Not a
>  conspiracy theory, just common sense...

You're disregarding the dynamics at play here. The CA's don't set the
requirements - the browsers do.

Yes, the browsers take input from the CAs, but they also (and in
particular, Mozilla) take input from their constituents. Whether you're a
closed-source vendor listening to your customers or an open-source
organization with a public process, there's still a great desire from the
browser vendors to engage the community. Nor is it in the browser vendors'
interests to ignore their users or their users' security. I don't think
any browser wants to be known as the *less* secure browser - we're all
jockeying to be *more* secure, especially where it matters most.

Any "defensiveness" is no doubt due to the fact that trust in the system
is shared between all participants - lose faith in one CA, and you lose
faith in all CAs. In that sense, existing CAs - particularly entranced
ones - have incentives to improve the state of the trust and security in
the overall system - the same thing users and browsers want most as well.
If the cost of improving the controls and security of the system is that
it means excluding CAs that are not prepared for the solemn public trust
that comes from being in the root stores, then that seems like a win for
all concerned parties.

I'm not trying to write an apologetic for the process or the system we
have - I think there's real room for improvement, and I think the system
that we have now is hardly the best that we can do. And while I share more
than my fair share of paranoia - which is why I think proposals such as
Sunlight/Certificate Transparency are so important - I don't think it's
fair to wildly speculate.

Hopefully, you'll take the information presented here as the basis for
further research - and as you see opportunities for improvements to the
process, share them.

>
>  Thanks again for a really thougt-provoking post.
>  _______________________________________________
>  cryptography mailing list
>  cryptography at randombit.net
>  http://lists.randombit.net/mailman/listinfo/cryptography
>




More information about the cryptography mailing list