On 2012-05-02 12:23 AM, Peter Gutmann wrote:
Thor Lancelot Simont...@panix.com writes:
NIST says 2048 bit RSA keys should have a 3 year lifetime. Who here really
wants to explain to customers (or investors!) that he willfully ignored that
recommendation and just reused the same old key when making the CSR for that
new certificate?
This is standard practice in a significant chunk of the industry, to the
extent that renew a certificate means get the same key recertified. You
don't wilfully ignore NIST recommendations, you click on renew
certificate. Dealing with cert rollover is painful enough already without
having to try and find PKI documents you've never heard of telling you what to
do.
That certs are painful, means they will be done wrong.
Despite numerous assurances that certs are easy, and I must be a
complete idiot to find them difficult, I have never found them easy, and
I have been the certificate guy in various companies because every
single other person in the company found them more difficult than I did.
Rather than having an elaborate and disfunctional certificate revocation
system, if certificates are needed, what is needed is a system where
certificates have an expiry time of a week or so, and a new key is auto
generated and certified every week or so if humans do nothing about it
and know nothing about it.
Of course, attempting to implement such a system immediately brings us
to the fact that the certifying authority does not know the people it is
certifying, nor what it is certifying, which is why certification is
difficult.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography