|
In the operation of some cryptosystems, usually public key infrastructures (PKIs), a certificate revocation list (CRL) is a list of certificates (more accurately: their serial numbers) which have been revoked, are no longer valid, and should not be relied upon by any system user. A cryptosystem (or cryptographic system) is the package of all procedures, protocols, cryptographic algorithms and instructions used for encoding and decoding messages using cryptography. ...
In cryptography, a public key infrastructure (PKI) is an arrangement that provides for trusted third party vetting of, and vouching for, user identities. ...
In cryptography, a public key certificate (or identity certificate) is a certificate which uses a digital signature to bind together a public key with an identity — information such as a the name of a person or an organisation, their address, and so forth. ...
There are different revocation reasons defined in RFC 3280:
- revoked: A certificate is irreversibly revoked (and entered on a CRL) if, for instance, it is discovered that the certificate authority (CA) had improperly issued a certificate or a private-key is thought to have been compromised. Certificates may also be revoked for failure of the identified entity to adhere to policy requirements such as publication of false documents, mis-representation of software behavior, or violation of any other policy specified by the CA operator or its customer. The most common reason for revokation is the user's not being in sole possession of the private key (e.g token containing the private key has been lost or stolen).
- hold: This reversible status can be used to notice the temporary invalidity of the certificate, for instance when the user is not sure if the private key has been lost. If, in this example, the private key was found again and nobody had access to it, the status can be reinstated, and the certificate is valid again, thus removing the certificate from further CRLs.
Usually, a CRL is generated on the one hand periodically after a clearly defined timeframe and (optionally) on the other hand immediately after a certificate has been revoked. The CRL is always issued by the CA which issues the corresponding certificates. All CRLs have a (often short) lifetime in which they are valid and in which they may be consulted by a PKI-enabled application to verify a counterpart's certificate prior its use. To prevent spoofing or denial-of-service attacks, CRLs are usually signed by the issuing CA and therefore carry a digital signature. To validate a specific CRL prior relying on it, the certificate of its corresponding CA is needed, which usually can be found on a (even public) directory. In cryptography, a certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. ...
In computer security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage. ...
In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. ...
In computing, a directory, catalog, or folder, is an entity in a file system which can contain a group of files and/or other directories. ...
Certificate expiration dates are not a substitute for a CRL as the problem may be discovered whilst the certificate has not yet expired. CRLs or other certificate validation techniques are a necessary part of any properly operated PKI as mistakes in certificate vetting and key management are expected to occur in real world operations. In a noteworthy example, a certificate for Microsoft was mistakenly issued to an unknown individual who had successfully posed as Microsoft by the CA contracted to maintain the ActiveX 'publisher certificate' system (VeriSign). Microsoft saw the need to patch their cryptography subsystem so it would check the status of certificates before trusting them. As a short term fix, a patch was issued for the relevant Microsoft software (most importantly Windows) specifically listing the two certificates in question as 'revoked'. Microsoft Corporation, (NASDAQ: MSFT, HKSE: 4338) is a multinational computer technology corporation with global annual revenue of US$44. ...
In programming, the Component Object Model (COM), also known as ActiveX, is a Microsoft technology for software components. ...
VeriSign, Inc. ...
The certificates for which a CRL should be maintained are often X.509/public key certificates, as this format is commonly used by PKI schemes. In cryptography, X.509 is an ITU-T standard for public key infrastructure (PKI). ...
PKC, see PKC (disambiguation) Public-key cryptography is a form of modern cryptography which allows users to communicate securely without previously agreeing on a shared secret key. ...
In cryptography, a public key certificate (or identity certificate) is a certificate which uses a digital signature to bind together a public key with an identity — information such as the name of a person or an organization, their address, and so forth. ...
Problems with all CRLs
Best practices require that wherever and however certificate status is maintained, it must be checked whenever one wants to rely on a certificate. Failing this, a revoked certificate may be incorrectly accepted as valid. This means that to effectively use a PKI one must have access to current CRLs (i.e. Internet access in the case of a PKI). This requirement of on-line validation negates one of the original major advantages of PKI over symmetric cryptography protocols, namely that the certificate is "self authenticating". Symmetric system, e.g. Kerberos, also depend on the existence of on-line services (Key distribution center in the case of Kerberos). Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related cryptographic keys for both decryption and encryption. ...
Kerberos is a computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. ...
In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. ...
The existence of a CRL implies the need for someone (or some organization) to enforce policy and revoke certificates deemed counter to operational policy. If a certificate is mistakenly revoked significant problems can arise. As the certificate authority is tasked with enforcing the operational policy for issuing certificates they typically are responsible for determining if and when revocation is appropriate by interpreting the operational policy.
The necessity of consulting a CRL, or other certificate status service, prior to accepting a certificate raises a potential denial-of-service attack against the PKI akin to the denial-of-service attack on Kerberos whereby a current authentication token cannot be retrieved. In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. ...
No comprehensive solution to these problems is known, though there are multiple workarounds for various aspects of it, some of which have proven acceptable in practice. A workaround is a bypass of a recognized problem in a system. ...
An alternative to using CRLs which is especially useful for software clients is the on-line certificate validation protocol Online Certificate Status Protocol (OCSP). OCSP has the primary benefit of requiring less network bandwidth and thus enabling real-time and near real-time status checks for high volume or high value operations. The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. ...
See also In cryptography, a trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; they use this trust to secure their own interactions. ...
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and a user. ...
Implementation
External links - Enterprise Trust Integration and Web Services Security standars
|
Feeds |
Contact