I will defer to your experience in the war-stories you've heard, Nelson. You've certainly seen a lot more people do stupid things in this area than I have, I'm sure. I tend to get involved only when people want to do PKI the right way :-).
I am a strong believer that educating the general masses about doing things the right way leads a better environment for all of us. To that extent, based on my experiences in setting up more than a dozen PKIs over the last 9 years (from the world's largest pharmaceutical company to a medical devices startup that is embedding digital certificates in its devices for anti-counterfeiting) I have summarized some guidelines in an article called "Building a Successful PKI" article that was published in the ISSA Journal some years ago. It is available to ISSA members in their archives, or if interested readers send me an e-mail directly. Arshad Noor StrongAuth, Inc. Nelson B Bolyard wrote: > Arshad Noor wrote, On 2008-06-23 15:58: >> Nelson, >> >> I think you may want to qualify your message in this paragraph, so as >> to not mislead people who don't understand PKI very well. > > Arshad: > > I want people who don't understand PKI very well to get one message, > loud and clear: Don't try to make and use your own server certs. > > There are some very limited, very special circumstances in which > self signed server certs make sense and aren't time bombs. Those > circumstances may constitute 0.1% of the cases where people contemplate > using them. But in the other 99.9+% of the cases, self signed server > certs are a mistake, pure and simple. > > I have been developing and supporting SSL in browsers for 12 years now, > and during that time I have heard hundreds of stories from people who got > themselves into real binds by either trying to use self-signed server > certs or trying to run their own CA (but not knowing what they're really > doing). I've witnessed individuals, corporations, universities, and banks > stumble real hard over these mistakes. (I can write about the problems > at length, but won't unless asked.) > > Given the detailed specifics of a situation, it is possible to determine > if self-signed server certs (or certs from a home grown CA) would work in > that situation, but for the general case, the my best advice is: don't. > >> If they do these two things and follow their self-directed policies and >> procedures with reasonable diligence, then I would argue that there is >> no difference between self-signed or public-CA issued certs. > > Self-signed certs, whether EEs or CAs, are great until they have to be > replaced for any reason. They they're typically a huge nightmare, a > company-wide flag-day event for which no one is trained or prepared. > I've heard of companies that almost went bust over this. > > There are certainly people who really understand PKI, and really know > what they're doing. They can setup a real PKI and run a real CA. > They can devise a solution that meets their needs and fits their > situation, even if it involves their own self signed CA certs. > They know enough to avoid a setup that will someday cause that huge > nightmare, and they know that they can ignore my warnings. :) > > The problem is that people who really aren't qualified often think they > are qualified, and they choose to ignore warnings that they should not. > > Obtaining professional quality CA software may help avoid various problems > with certificate formats, and is likely to avoid problems with serial > number reuse, but even with such software, people who don't really > understand PKI can make colossal mistakes. > > So, my general advice to people contemplating issuing their own certs is: > unless you really know how to run a good CA, don't play CA and don't make > your own certs. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
