Hi Mark, Saul, Sunday, all,
I suppose that Cedrick or other staff may possibly reply in due course with
more details as regards this specific implementation of a CA (aka the AFRINIC
RPKI CA). However let me respond a bit generally about the reason to have an
offline portion of a CA.
Ultimately, a CA involves certificates and crypto as we all know. And this
needs keys, including private keys. The integrity of the entire system below
the CA depends on the top level private keys being ... private.
To automate anything, the system doing the automation needs to connect to the
system being automated. In other words, everything has to be "online" to an
extent. The thinking, generally, is that anything that is connected to other
things has the potential, however small the chance, to be compromised.
Therefore, the best way to ensure absolute and certain privacy of the
all-important private key material is to "air-gap" it.
And thus it follows that when something else needs to be signed/verified using
these offline keys, you also don't want to copy them online, even briefly, and
so you do the work offline and then copy the results back online. It is this
copy - bridging the air gap - that requires a human.
Put another way: You can't really automate sneaker-net.
- Daniel
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, April 10, 2019 8:32 AM, Mark Tinka <[email protected]> wrote:
> Thanks, Cedrick.
>
> A question that is, perhaps, obvious... are you able to take the human
> component out of this?
_______________________________________________
Community-Discuss mailing list
[email protected]
https://lists.afrinic.net/mailman/listinfo/community-discuss
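The offline/online split Daniel describes above, written out as an added Go example that is not part of this thread and not AFRINIC's RPKI CA code: the root private key lives only inside OfflineRoot, the online CA's public key is carried across the gap in one direction, the signed certificate comes back in the other, and the online side verifies the chain holding nothing but the root certificate. Only the standard library is used; the subject names, serial numbers and one-year validity are constructed values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// OfflineRoot is the air-gapped half of the CA: the only place the root private key exists.
type OfflineRoot struct {
	priv ed25519.PrivateKey
	Cert *x509.Certificate // self-signed root certificate: public, so it may go online
}
// caTemplate returns a one-year CA certificate template (constructed values).
func caTemplate(serial int64, cn string) *x509.Certificate {
	return &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(1, 0, 0),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
}
// NewOfflineRoot generates the root key and self-signs its certificate, all offline.
func NewOfflineRoot() (*OfflineRoot, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := caTemplate(1, "example offline root")
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &OfflineRoot{priv: priv, Cert: cert}, nil
}
// SignSubordinate is the sneaker-net step: the online CA's public key is carried in,
// the signed DER certificate is carried out, and priv never crosses the gap.
func (r *OfflineRoot) SignSubordinate(subPub ed25519.PublicKey, serial int64) ([]byte, error) {
	return x509.CreateCertificate(rand.Reader, caTemplate(serial, "example online subordinate"), r.Cert, subPub, r.priv)
}
// VerifyChain is what the online side runs, holding only the root certificate.
func VerifyChain(root, sub *x509.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := sub.Verify(x509.VerifyOptions{Roots: pool})
	return err
}
```

The verification step also rejects a certificate issued under the same root name by a different key, which is the property the air gap exists to protect.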