We want to implement a free solution to digitally sign internal documents. No legal value is required of these signatures. We are considering deploying an internal CA. Why is it always said that keeping your own CA is so complicated? Where does that complication reside?
Try it, and you'll know. Some people might find it complicated, some might not. – Konrad Gajewski Jul 21 '15 at 10:06
1 Answer
Deploying internally is easy. The hard part is getting all the procedures right so that it is convincingly uneasy to obtain a fake certificate. This is the condition for signatures: a signature has any value only inasmuch as people believe in it.
Of course, if your signatures are not meant to have legal value, then things are a lot simpler. But then, why would you want to sign things ? A signature is useful only through its binding property: he who signed can be held responsible for that which was signed. The whole point of a signature is to serve as a weapon against the signer. From which we can draw two conclusions:
Nobody in his right frame of mind wants to sign things. You want other people to sign things; you accept to sign things yourself only because you are pressured to do so in a specific context.
A proof is a legal weapon. If you do not want "legal value" for your signatures, then you have made them a lot less frightening, and thus a lot less useful as well.
Let's explain things with an analogy: suppose that you have a warehouse with valuable goods in it. You fear that thieves may break into it, so you want to hire armed guards. But it takes some precautions, because you do not necessarily want to give a loaded pistol to just any guy that looked good during the hiring interview; you will want some medical certificate that says that the guy is not mad, and some legal certificate that says that he is not wanted for some crime, or anything like that. A much less risky solution is to equip the guards with water pistols -- but then, thieves are unlikely to be much deterred by the prospect of being merely soaked.
Running a CA is 5% technology, 95% procedures (access control, audit, logs,...). The 95% are what makes running a CA expensive and complicated. You have to understand all that is going on (including dreary details on certificate formats such as revocation and renewals). If you do not accept to do that part of the job, then things can be very simple (a couple of scripts around OpenSSL), but then, you no longer have actual security to your signatures. You have merely sprinkled crypto all over the place, giving a feeling of security.
There is no such thing as a definitive, authoritative source for English typography (contrary to, say, French typography, because the French, in all their frenchness, created an _Académie Française_ whose job is to be Right, always). Using a space before the question mark is relatively rare but not unheard of among English writers. It is often said to mimic French punctuation. The question mark itself is a relatively recent import into English (circa 1580, say some authors). Bottom line: it is not absolutely incorrect to put a space; and I find it clearer that way. – Tom Leek Jul 21 '15 at 12:21
A signature is not just a legal tool but a proof of origin for a given resource - which is the more likely utility for an intra-organization signing system. – staafl Dec 16 '16 at 09:51