I don't see your problem honestly. Figuring out a private key is close to impossible. And stealing it, well, that is more related to security itself than to the actual key being secure or not.
>From what I understand, a chain works somewhat like this you --peter ----john ------carl You talk to peter, peter is trusted by john, john is trusted by carl, you trust carl Say if you were to obsolete carl in this chain (by trusting john) john would then become the root If this is the case, why would you want to have carl at all? Thawte, verisign etc work the same way Also, why is distributing a CA cert so difficult? What is your environment? What applications are using the certs? And how do they verify the chain? Again, without the key for each CA it can't be compromised Has this actually happened or is this someone eing paranoid? Who has created the chain? I'm still not clear of the purpose of the root ca if it should not need to be trusted Regards, Serge Fonville On Tue, Sep 1, 2009 at 3:52 PM, Yin, Ben 1. (NSN - CN/Cheng Du)<ben.1....@nsn.com> wrote: > No. In our enviroment. The root CA private key is isolated and absolutly > safe. Regarding the compromised, I means CA can't be trusted any more, Such > as the private key was stolen some how or someone find a way to figure out > private key for one CA. it easy to set up new sub ca in one domain if those > compromise happened on sub ca. but if it happened on root ca, it's quite hard > to fix the our whole network. Thanks. > > > Br > > Ben > > -----Original Message----- > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville > Sent: Tuesday, September 01, 2009 4:31 PM > To: openssl-users@openssl.org > Subject: Re: Verify certificate using subordinate ca > > Based on what you state. > There is no purpose for the root CA. > > What do you mean by compromised. > If you publish a CA certificate to clients, it does not include the > key. (normally) > So the only thing a client can do is use it in the session at best. > There is NO way a client can use a CA certificate to sign anything > without the corresponding key. > > I have a chain on my website, and noone (except me, because I can > access the server) is able to sign anything. Since the CAs are only > used for signing and verifying and not for encrypting, if the CA keys > are stored safely, there is no 'compromise' > > Are you distributing the keys as well? > > HTH > > Regards, > > Serge Fonville > > > On Tue, Sep 1, 2009 at 2:13 PM, Yin, Ben 1. (NSN - CN/Cheng > Du)<ben.1....@nsn.com> wrote: >> I only want to verfiy the signature (I mean the procedure when sub ca >> sign the certiticate). So I guess sub ca and certification should has >> enough info to do it because we needn't root ca when we use sub ca to >> sign the certificate. Is there a way for this requirement? Thanks. >> >> >> Br >> >> Ben >> >> -----Original Message----- >> From: owner-openssl-us...@openssl.org >> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Yin, Ben 1. >> (NSN - CN/Cheng Du) >> Sent: Tuesday, September 01, 2009 3:06 PM >> To: openssl-users@openssl.org >> Subject: RE: Verify certificate using subordinate ca >> >> Hi Serge, >> >> My intention is to keep my root ca out of compromise. We want to use sub >> ca to splite the domain in the our whole network. Then, we can easy to >> re-sign a new sub ca and publish it if we find one domain sub ca was >> compromised. And if we expose the the root ca to public ,it hard to >> maintain if root ca was cracked. >> >> And as you said, "create a new chain and let sub ca as root", I don't >> know how to do it. In my testing, I set verify depth to 1. I guess it >> will make chain only include certificate and sub ca. the testing show >> that the openssl still try to find the issuer of sub ca, and so the >> verification was failed. >> >> Here is the output: >> >> -with certificate at depth: 1 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >> err 20:unable to get local issuer certificate >> -with certificate at depth: 1 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >> err 27:certificate not trusted >> -with certificate at depth: 0 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >> err 27:certificate not trusted >> >> And FYI. Here is the complete chain verfication output. >> >> -with certificate at depth: 2 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >> err 0:ok >> -with certificate at depth: 1 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Root CA >> subject = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >> err 0:ok >> -with certificate at depth: 0 >> issuer = /C=fi/O=WCDMA/CN=NSN Tre WCDMA Sub1 CA >> subject = /C=FI/ST=Tampere/L=Tampere/O=NSN/CN=lab. >> err 0:ok >> >> Thanks. >> >> Br >> >> Ben >> >> -----Original Message----- >> From: owner-openssl-us...@openssl.org >> [mailto:owner-openssl-us...@openssl.org] On Behalf Of ext Serge Fonville >> Sent: Tuesday, September 01, 2009 2:14 PM >> To: openssl-users@openssl.org >> Subject: Re: Verify certificate using subordinate ca >> >> Hi, >> >> Hmm... >> >> I've had the same issue. >> Basically it came down to "how do you know if the sub is reliable if >> you do not know whether to trust the root?" >> If you do not wish to have the root as part of the chain, create a new >> chain where the sub is the root >> What is the reason you do not want to use the root in the chain check, >> but it should be part of the chain? >> >> HTH >> >> Regards, >> >> Serge Fonville >> >> On Tue, Sep 1, 2009 at 1:04 PM, Yin, Ben 1. (NSN - CN/Cheng >> Du)<ben.1....@nsn.com> wrote: >>> Hi, >>> >>> It there a way to verify certificate with out root ca? I have 4 >> certificate: >>> rootca.pem is the root ca (self signed). subca.pem was signed by >> rootca.pem. >>> cert1.pem & cert2.pem was signed by subca.pem. I was supposed to >> configure >>> the client and server using subca.pem as ca, and cert1.pem & cert2.pem >> as >>> certificate. It seem that openssl still try to find rootca.pem to >> verfiy >>> subca.pem when handshake. But I don't what root.pem can bo accessed >> for >>> keeping it safe. So It there a way to verify certificate with out root >> ca, >>> only using sub ca and certificate signed by sub ca? Thanks. >>> >>> Br >>> >>> Ben >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
