A great write-up Jon! As you know, in a past life I was responsible for the Microsoft Root program and introduced much of the process that is used today. It really makes me happy to see someone speak positively about what they do and I couldn't agree more.
The only thing I would change in your description below is that Microsoft does allow government CAs to be included in the program, as do most of the other root programs. See: http://unmitigatedrisk.com/?p=181 The requirement is that the CA is designed and operated with the purpose of serving the Internet at large, not in a commercial sense. With that said, I agree with everything you said other than that.

Ryan Hurst

Sent from my phone, please forgive the brevity.

On Jan 5, 2013, at 11:42 AM, Jon Callas <j...@callas.org> wrote:

> I'm really glad you asked this question. It gives me to tell a story I've wanted to tell for some time. I know the answer to your question because I've done it.
>
> Some years ago, PGP Corporation toyed off and on with the idea of becoming a CA. We looked at ways to get there through the side door, like buying the assets of some company that was going out of business, and managed to be too little, too late.
>
> So after a lot of dithering, we started a project to create a CA from scratch. I led the project and it had a budget of US$250K. I code-named the project Casablanca. Partially because Casablanca begins and ends with a CA, but mostly because I really like the phrase, "I am shocked, shocked that PGP is issuing X.509 certificates."
>
> The process for setting up a CA is straightforward and exacting. You have to have physical and logical controls on things, dual-authentication and separation of duties on just about everything, but it's straightforward. You have to write a lot of documents, create a lot of procedures, and have all of that audited. You have to get audited regularly and often as you start out, and then the audits taper off after you show that you're running a tight ship.
>
> The main thing you're looking to do is to pass the WebTrust audit and associated practices that the platforms will require you to do. Microsoft has the most mature process.
> They have a set of rules and guidelines. If you follow them, you're in. One of those, by the way, is that you have to be a retail CA, as opposed to an internal one or a government one. It's best to work with Microsoft first, and once you're in their root program move to the others. They are fair, disciplined, and helpful. Most of all, once you've gone through all that, it's easier to get into the other important root stores.
>
> If you go into this business with the attitude that you're doing a job that protects the Internet at large, defends the public trust, and so on, then you'll find the requirements completely reasonable and easy to do.
>
> Now that $250K that I spent got an offline root CA and an intermediate online CA. The intermediate was not capable of supporting workloads that would make you a major business. You need a data center after that, that supports the workloads that your business requires. But of course, you can grow that with your customer workload, and you can buy the datacenter space you need.
>
> The costs got split out to about 40% hardware, etc. and 60% people. It does not include the people costs of the internal PGP personnel who worked on it. I raided part time help from around the company. It took about fourteen months from start to end.
>
> PGP bought an existing company, TrustCenter. TrustCenter was the remaining end of GeoTrust (spun out of Equifax) that Verisign did not buy. The plan was that the PGP-branded Casablanca roots would be put into the TrustCenter machinery and datacenters, and then you have a major CA. That got interrupted by Symantec buying PGP and then buying Verisign. Casablanca is now rolled up into their Norton CA business along with Verisign and Thawte, GeoTrust, etc.
>
> There are rumors, which you've read here, about how there are lots of underhanded obstacles in the way of becoming a CA.
> My experience is that the only underhanded part of the industry is that no one in it dispels the rumors that there are underhanded obstacles in your path. This is pretty much the first time I have, so I suppose I'm as guilty as anyone else.
>
> Furthermore, there are lots of overblown rumors about the CA/Browser Forum. You don't have to be a Forum member to be a CA. If you plan to issue EV certificates, you have to follow the EV guidelines which are produced by the CA/Browser Forum, but that is because the platforms won't put your EV root in their stores unless you do. You don't have to be a member of the Forum to be a CA. As a matter of fact, there are a large number of CAs that are not members.
>
> The situation is similar to Internet protocols and the IETF. If you want to make routers, you don't have to be a member of the IETF. You *will* have to follow IETF documents, but you don't have to participate. Obviously, there are advantages in participating, but there are also costs.
>
> I was involved in the CA/Browser Forum for a few years, first with Apple (on the browser end) and then with Entrust (on the CA end). I heard the stories about how it's a cartel, etc. At PGP, we had no plans to be members because we had no interest in being part of a cartel. It was a huge disappointment to be there and find out that it isn't a cartel at all, it's a volunteer organization that handles lots of the rough edges of web PKI with the same combination of spurts of efficiency and spurts of fecklessness that you find in just about any organization that tries to get a bunch of organizations with different goals to work together.
>
> Presently, the Forum is reorganizing itself for greater transparency and participation, which is not going as well as it could, despite lots of good ideas.
> But this is the way of all volunteer organizations, which often merely shuffle around the dumb things and smart things they do -- in correcting a dumb thing, they correct a smart one, too. There are many things one can criticize the Forum for, but it's not the usual things you hear. If you're starting a CA, you can deal with the Forum as you think it benefits you most.
>
> The long pole in the tent of setting up a CA is getting your roots in all the platforms you need. It's much easier now than it has been in years past, but that's the annoying part because every platform has their own rules. As I said, start with Microsoft. These days, cross-certification is much harder than it was. In the wake of the last few years, most CAs are not interested in cross-certifying any more.
>
> Jon
>
> _______________________________________________
> cryptography mailing list
> cryptography@randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography