Georg Lippold wrote: >> - so a possible mallicous user would first have to 'crack' the >> download pin to get any useful information about the correctness of >> the key-pin used at the webpage - in other words, he can't do a >> simple 'brute-force' attac on the key-pin, since its guarded by the >> download-pin > > > ??? Isn't that the same (even worse) than just making the key-pin a > bit longer? If you extend the key-pin by one number, you get 10x the > security of the previous pin-length. If you introduce a > "download-pin", it just adds a constant factor, that is usually > smaller than the key-pin (unless you make it longer than the key pin, > but that doesn't seem to make sense). With a download-pin at the same > length as the key pin, you just get 2x the secur> Hi Ives, > >> - the key is protected by its pin (which is given at request time >> or set by the ca) - if you download you have to give the key-pin as >> credential to get access to the key and for decryption >> >> the problem with this workflow is the following: >> >> - the key-pin is exposed to brute-force attacs on the web this >> would be like, putting the key (even encrypted) somewhere and >> waiving - hey poeple come and try yourself ;) > > You can fix that if your users only submit PKCS#10 requests. Then, > the private key is never exposed on the web. It works well with > Firefox and IE, as far as I tested. > >> therefore we decided to protect the key-pin with a separate >> download-pin which has to be set from the ra-officer ity instead of >> 10x by just adding one number to the key pin. > in principle you may be right (and some of my comments in this posting are not a direct reply to your comments but some general statements to other postings in this thread - i hope you may forgive me ;)
the point is - this key pin - may depending on the application a user choosen password (and even if there is a standard length of 10 characters required) most probably a week one (users don't like passwords ;), becouse its in total favor of the user preferences to type what he likes... so one bit or a char more or less won't help much in reality... so i think it makes sense to set a separate download-key, btw. there is no download-key set by default, which means - you can't download the key at all - so the key is not accessible until the second pin is set (so one can't brute force at all) becouse an ra-operator can set it - it may be 20 chars long and meet some other creteria set by the pki-policy... so i think its a good intermediary way to deal with this kind of applications where you want to have the key generated at server side and the user downloads key+cert after the download have been processed the key may removed from database or the download-pin may be removed - which renders the key unaccessible again for all other applications where no key gets to the ca/ra ever, we just don't have any problem - but this is application dependend and openca just provides the ability to realise such applications as well i mean you can easily change the pub interface in sich a way that there won't be no option for server-generated keys as the other way around, but this your choice, also how long you make the required minimum length for the key-pin and so on you may even decide to disable the second pin request - see documentation: 4.2.2.2 (yes its configurable ;) in section 4.2 Download usaly a pki isn't something you take install it and run it out of the box, some ppl and organisations may decide to do so - but in general this is a bad idea... even if default settings may be ok you should have a policy at least and someone has to write it and should know what he is doing there and he should be able to decide what configuration would be right or not and it also means: Read The Fine Manual or short RTFM ;) (i like this transcription more than others which are in use - hehe) it may be not perfect, but a lot of questions are usaly answered in there ;), yes it takes time but it helpes to understand the software and how it works and one doesn't have to 'discover' that one may be required to set a pwd at the ra-interface ;), like some people obvoisly do or how to configure it properly to needed requirements greetings dalini ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
