Sie sind hier: Startseite / Blog / Why a PKI is barely trustworthy

Why a PKI is barely trustworthy

  • End-point trusts *any* certificate from *any* CA configured
    • fake certificates issues by another CA are a common thread
    • measure "certificate pinning" only standardized for HTTP (HPKP, is now deprecated)
  • Centralized system
    • high demand for confidentiality of CA private keys
    • measure "intermediate certificates" makes system even more complex and more systems demanding high confidentiality
  • Key Revocation cumbersome
    • based on centralized "black list"
    • Certificate Revocation Lists (CRLs) growing *huge* quickly and need to be distributed to each end-point
    • OCSP (Online Certificate Status Protocol) requires online connection and additional services to be available 24/7
    • OSCP is a thread to privacy
  • Key renewal does not revoke old key
    • if the old key is still valid (with in its life-time) and not on the CRL, it can still be used
  • Complex to plan, deploy and run
  • No opportunistic use
    • Can either be enforced or not used at all.
    • Has no notion of "I stared communication encrypted, so I no longer accept unencrypted messages"
    • No TOFU (beside now-deprecated HPKP)