Springe zum Hauptinhalt

Why a PKI is barely trustworthy

  • End-point trusts any certificate from any CA configured

    • fake certificates issues by another CA are a common thread

    • measure "certificate pinning" only standardized for HTTP (HPKP, is now deprecated)

  • Centralized system

    • high demand for confidentiality of CA private keys

    • measure "intermediate certificates" makes system even more complex and more systems demanding high confidentiality

  • Key Revocation cumbersome

    • based on centralized "black list"

    • Certificate Revocation Lists (CRLs) growing huge quickly and need to be distributed to each end-point

    • OCSP (Online Certificate Status Protocol) requires online connection and additional services to be available 24/7

    • OSCP is a thread to privacy

  • Key renewal does not revoke old key

    • if the old key is still valid (with in its life-time) and not on the CRL, it can still be used

  • Complex to plan, deploy and run

  • No opportunistic use

    • Can either be enforced or not used at all.

    • Has no notion of "I stared communication encrypted, so I no longer accept unencrypted messages"

    • No TOFU (beside now-deprecated HPKP)

Portrait von Hartmut Goebel
Hartmut Goebel
Diplom-Informatiker, CISSP, CSSLP, ISO 27001 Lead Implementer

Haben Sie noch Fragen?
Anruf oder Mail genügt:
Telefon:   +49 871 6606-318
Mobil:   +49 175 29 78 072
E-Mail:   h.goebel@goebel-consult.de