Given a scenario, implement public key infrastructure Flashcards
Public key infrastructure (PKI)
Key management, Certificate authority (CA), Intermediate CA, Registration authority (RA), Certificate revocation list (CRL), Certificate attributes, Online Certificate Status Protocol (OCSP), Certificate signing request (CSR), CN, Subject alternative name, Expiration
Key management
Key management refers to operational considerations for the various stages in a key’s life cycle. A key’s life cycle may involve the following stages:
Key generation—creating a secure key pair of the required strength, using the chosen cipher.
Certificate generation—to identify the public part of a key pair as belonging to a subject (user or computer), the subject submits it for signing by the CA as a digital certificate with the appropriate key usage. At this point, it is critical to verify the identity of the subject requesting the certificate and only issue it if the subject passes identity checks.
Storage—the user must take steps to store the private key securely, ensuring that unauthorized access and use are prevented. It is also important to ensure that the private key is not lost or damaged.
Revocation—if a private key is compromised, the key pair can be revoked to prevent users from trusting the public key.
Expiration and renewal—a key pair that has not been revoked expires after a certain period. Giving the key or certificate a “shelf-life” increases security. Certificates can be renewed with new key material.
Key management can be centralized, meaning that one administrator or authority controls the process, or decentralized, in which each user is responsible for his or her keys.
Certificate authority (CA)
A server that guarantees subject identities by issuing signed digital certificate wrappers for their public keys.
Intermediate CA
A CA that is signed by a superior CA (e.g., a Root CA or another Intermediate CA) and signs CAs (e.g., another Intermediate or Subordinate CA). The Intermediate CA exists in the middle of a trust chain between the Trust Anchor, or Root, and the Subordinate CAs that issue subscriber certificates.
Registration authority (RA)
In PKI, an authority that accepts requests for digital certificates and authenticates the entities making those requests.
Certificate revocation list (CRL)
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date.
Certificate attributes
Serial number
A number uniquely identifying the certificate within the domain of its CA.
Signature algorithm
The algorithm used by the CA to sign the certificate.
Issuer
The name of the CA.
Valid from/to
Date and time during which the certificate is valid.
Subject
The name of the certificate holder, expressed as a distinguished name (DN). Within this, the common name (CN) part should usually match either the fully qualified domain name (FQDN) of the server or a user email address.
Public key
Public key and algorithm used by the certificate holder.
Extensions
V3 certificates can be defined with extended attributes, such as friendly subject or issuer names, contact email addresses, and intended key usage.
Subject alternative name (SAN)
This extension field is the preferred mechanism to identify the DNS name or names by which a host is identified.
Online Certificate Status Protocol (OCSP)
Allows clients to request the status of a digital certificate, to check whether it is revoked.
Certificate signing request (CSR)
A Base64 ASCII file that a subject sends to a CA to get a certificate.
CN
An X.500 attribute expressing a host or user name, also used as the subject identifier for a digital certificate.
Subject alternative name
Field in a digital certificate allowing a host to be identified by multiple host names/subdomains.
Expiration
Expiration and renewal—a key pair that has not been revoked expires after a certain period. Giving the key or certificate a “shelf-life” increases security. Certificates can be renewed with new key material.
Types of certificates
Wildcard, Subject alternative name, Code signing, Self-signed, Machine/computer, Email, User, Root, Domain validation, Extended validation
Wildcard
Subject alternative name
Code signing
A code signing certificate is issued to a software publisher, following some sort of identity check and validation process by the CA. The publisher then signs the executables or DLLs that make up the program to guarantee the validity of a software application or browser plug-in. Some types of scripting environments, such as PowerShell, can also require valid digital signatures. The CN is set to an organization name, such as “CompTIA Development Services, LLC,” rather than an FQDN.
Self-signed
Any machine, web server, or program code can be deployed with a self-signed certificate. Self-signed certificates will be marked as untrusted by the operating system or browser, but an administrative user can choose to override this.
Machine/computer
It might be necessary to issue certificates to machines (servers, PCs, smartphones, and tablets), regardless of function. For example, in an Active Directory domain, machine certificates could be issued to Domain Controllers, member servers, or even client workstations. Machines without valid domain-issued certificates could be prevented from accessing network resources. Machine certificates might be issued to network appliances, such as routers, switches, and firewalls. The SAN and often the CN attribute should be set to the FQDN of the machine (host name and local domain part).
Email
An email certificate can be used to sign and encrypt email messages, typically using Secure/Multipurpose Internet Mail Extensions (S/MIME) or Pretty Good Privacy (PGP). The user’s email address must be entered as the SAN and CN. On a directory-based local network, such as Windows Active Directory, there may be a need for a wider range of user certificate types. For example, in AD there are user certificate templates for standard users, administrators, smart card logon/users, recovery agent users, and Exchange mail users (with separate templates for signature and encryption). Each certificate template has different key usage definitions.
User
Root
The root certificate is the one that identifies the CA itself. The root certificate is self-signed. A root certificate would normally use a key size of at least 2048 bits. Many providers are switching to 4096 bits. The CN for a root certificate is set to the organization/CA name, such as “CompTIA Root CA,” rather than an FQDN.
Domain validation
Domain Validation (DV)—proving the ownership of a particular domain. This may be proved by responding to an email to the authorized domain contact or by publishing a text record to the domain. This process can be highly vulnerable to compromise.
Extended validation
Extended Validation (EV)—subjecting to a process that requires more rigorous checks on the subject’s legal identity and control over the domain or software being signed. EV standards are maintained by the CA/Browser Forum (cabforum.org). An EV certificate cannot be issued for a wildcard domain.
Certificate formats
Distinguished encoding rules (DER), Privacy enhanced mail (PEM), Personal information exchange (PFX), .cer, P12, P7B
Distinguished encoding rules (DER)
The binary format used to structure the information in a digital certificate.
Privacy enhanced mail (PEM)
Base64 encoding scheme used to store certificate and key data as ASCII text.
Personal information exchange (PFX)
Windows file format for storing a private key and certificate data. The file can be password-protected.
.cer
The .CRT and .CER extensions can also be used, but they are not well-standardized. Most of the confusion arises from the way Windows handles certificates. In Linux, .CRT is most likely to represent an ASCII certificate. In Windows, the most common extension is .CER, but this does not tell you whether the file format is binary or ASCII.
P12
P7B
File format for transmitting a chain of digital certificates, using PKCS#7.
Concepts
Online vs. offline CA, Stapling, Pinning, Trust model, Key escrow, Certificate chaining
Online vs. offline CA
An online CA is one that is available to accept and process certificate signing requests, publish certificate revocation lists, and perform other certificate management tasks. Because of the high risk posed by compromising the root CA, a secure configuration involves making the root an offline CA. This means that it is disconnected from any network and usually kept in a powered-down state. The root CA will need to be brought online to add or update intermediate CAs.
Stapling
Mechanism used to mitigate performance and privacy issues when requesting certificate status from an OCSP responder.
Pinning
A deprecated method of trusting digital certificates that bypasses the CA hierarchy and chain of trust to minimize man-in-the-middle attacks.
Trust model
Key escrow
In key management, the storage of a backup key with a third party.
Certificate chaining
A method of validating a certificate by tracing each CA that signs the certificate, up through the hierarchy to the root CA. Also referred to as chain of trust.