A great write up Jon!

As you know in a past life I was responsible for the Microsoft Root program and 
introduced much of the process that is used today - It really makes me happy to 
someone speak positively possibly about what they do and I couldn't agree more.

The only thing I would change in your description below Is that Microsoft does 
allow government CA's to be included in the program as do most if the other 
root programs.

See: http://unmitigatedrisk.com/?p=181

Requirement is that the CA is designed and operated with the purpose of serving 
the Internet a large not in a commercial sense.

With that said I agree with everything you said other than that.

Ryan Hurst

Sent from my phone, please forgive the brevity.

On Jan 5, 2013, at 11:42 AM, Jon Callas <j...@callas.org> wrote:

> Hash: SHA1
> I'm really glad you asked this question. It gives me to tell a story I've 
> wanted to tell for some time. I know the answer to your question because I've 
> done it.
> Some years ago, PGP Corporation toyed off and on with the idea of becoming a 
> CA. We looked at ways to get there through the side door, like buying the 
> assets of some company that was going out of business, and managed to be too 
> little, too late.
> So after a lot of dithering, we started a project to create a CA from 
> scratch. I led the project and it had a budget of US$250K. I code-named the 
> project Casablanca. Partially because Casablanca begins and ends with a CA, 
> but mostly because I really like the phrase, "I am shocked, shocked that PGP 
> is issuing X.509 certificates." 
> The process for setting up a CA is straightforward and exacting. You have to 
> have physical and logical controls on things, dual-authentication and 
> separation of duties on just about everything, but it's straightforward. You 
> have to write a lot of documents, create a lot of procedures, and have all of 
> that audited. You have to get audited regularly and often as you start out, 
> and then the audits taper off after you show that you're running a tight 
> ship. 
> The main thing you're looking to do is to pass the WebTrust audit and 
> associated practices that the platforms will require you to do. Microsoft has 
> the most mature process. They have a set of rules and guidelines. If you 
> follow them, you're in. One of those, by the way, is that you have to be a 
> retail CA, as opposed to an internal one or a government one. It's best to 
> work with Microsoft first, and once you're in their root program move to the 
> others. They are fair, disciplined, and helpful. Most of all, once you've 
> gone through all that, it's easier to get into the other important root 
> stores.
> If you go into this business with the attitude that you're doing a job that 
> protects the Internet at large, defends the public trust, and so on, then 
> you'll find the requirements completely reasonable and easy to do. 
> Now that $250K that I spent got an offline root CA and an intermediate online 
> CA. The intermediate was not capable of supporting workloads that would make 
> you a major business. You need a data center after that, that supports the 
> workloads that your business requires. But of course, you can grow that with 
> your customer workload, and you can buy the datacenter space you need.
> The costs got split out to about 40% hardware, etc. and 60% people. It does 
> not include the people costs of the internal PGP personnel who worked on it. 
> I raided part time help from around the company. It took about fourteen 
> months from start to end.
> PGP bought an existing company, TrustCenter. TrustCenter was the remaining 
> end of GeoTrust (spun out Equifax) that Verisign did not buy. The plan was 
> that the PGP-branded Casablanca roots would be put into the TrustCenter 
> machinery and datacenters, and then you have a major CA. That got interrupted 
> by Symantec buying PGP and then buying Verisign. Casablanca is now rolled up 
> into their Norton CA business along with Verisign and Thawte, GeoTrust, etc.
> There are rumors, which you've read here about how there are lots of 
> underhanded obstacles in the way of becoming a CA. My experience is that the 
> only underhanded part of the industry is that no one in it dispels the rumors 
> that there are underhanded obstacles in your path. This is pretty much the 
> first time I have, so I suppose I'm as guilty as anyone else.
> Furthermore, there are lots of overblown rumors about the CA/Browser Forum. 
> You don't have to be a Forum member to be a CA. If you plan to issue EV 
> certificates, you have to follow the EV guidelines which are produced by the 
> CA/Browser Forum, but that is because the platforms won't put your EV root in 
> their stores unless you do. You don't have to be a member of the Forum to be 
> a CA. As a matter of fact, there are a large number of CAs that are not 
> members.
> The situation is similar to Internet protocols and the IETF. If you want to 
> make routers, you don't have to be a member of the IETF. You *will* have to 
> follow IETF documents, but you don't have to participate. Obviously, there 
> are advantages in participating, but there are also costs.
> I was involved in the CA/Browser Forum for a few years, first with Apple (on 
> the browser end) and then with Entrust (on the CA end). I heard the stories 
> about how it's a cartel, etc. At PGP, we had no plans to be members because 
> we had no interest in being part of a cartel. It was a huge disappointment to 
> be there and find out that it isn't a cartel at all, it's a volunteer 
> organization that handles lots of the rough edges of web PKI with the same 
> combination of spurts of efficiency and spurts of fecklessness that you find 
> in just about any organization that tries to get a bunch of organizations 
> with different goals to work together.
> Presently, the Forum is reorganizing itself for greater transparency and 
> participation, which is not going as well as it could, despite lots of good 
> ideas. But this is the way of all volunteer organizations, which often merely 
> shuffle around the dumb things and smart things they do -- in correcting a 
> dumb thing, they correct a smart one, too. There are many things one can 
> criticize the Forum for, but it's not the usual things you hear. If you're 
> starting a CA, you can deal with the Forum as you think it benefits you most.
> The long pole in the tent of setting up a CA is getting your roots in all the 
> platforms you need. It's much easier now than it has been in years past, but 
> that's the annoying part because every platform has their own rules. As I 
> said, start with Microsoft. These days, cross-certification is much harder 
> than it was. In the wake of the last few years, most CAs are not interested 
> in cross-certifying any more.
>    Jon
> Version: PGP Universal 3.2.0 (Build 1672)
> Charset: us-ascii
> wj8DBQFQ6IImsTedWZOD3gYRAoUfAKDaIbRMkcJ/BsBsBvsL2juv8Ip88ACgu3zx
> 9d+6LZUy2RMSiB8hfn44EHA=
> =G5aJ
> _______________________________________________
> cryptography mailing list
> cryptography@randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

Attachment: smime.p7s
Description: S/MIME cryptographic signature

cryptography mailing list

Reply via email to