-1

I have a question with regard to having full control over the cryptography that you will be using for your own application vs. relying on external entities such as certification authorities.

What are the pros and cons of each option?

Jens Erat
James Yeo

3 Answers

0

Relying on a certification agency does not take any control over cryptography away from you (apart from some dubious agencies generating the keys for you).

For getting a certification from an agency, you locally create your own keys, create a certification request (CSR) for the public key and send the public key together with the CSR to the agency.

The agency has no access to nor influence at all on your cryptography (encrypting and signing data). Choosing (or not choosing) a certification agency might be a debate on trust though (trust of others in your identity, which is certified by the agency).

Jens Erat
  • Which means it would be better if you have full control over it, right? But why do people still use external entities when implementing cryptography? – James Yeo Sep 15 '14 at 09:55
  • You didn't get my answer. You're mixing up terms, people (usually, unless for some very bad agencies to be avoided) _do not rely_ on external entities for "implementing cryptography". But yes, having full control over cryptography is better, but it also is "industry standard". – Jens Erat Sep 15 '14 at 09:59
0

A certification agency only provides trust, not encryption.

Regardless of whether you use a certificate signed by a CA or a self-signed certificate, the encryption/hashing implementation is entirely down to you.

Trust is important. How can I be certain that anything I download on your website is actually coming from you and not someone else? This is what a CA does. They claim that they have done an amount of investigation and they certify that you are who you say you are.

If I trust the CA to have done some amount of investigation, then I can trust that you are who you say you are.

On the other hand, a self-signed cert is almost useless for trust purposes, as you're essentially certifying your own identity.

Chris Murray
0

In asking this question, you're actually asking the pros and cons of using a private trust chain or one that is already available on the client.

Use a public CA - PROs

  • Since the root of the trust is assumed to be already installed on the client device the "hard" part of certificate distribution (which is, design a safe mechanism to distribute the root of your trust chain) is considered solved.
  • Running a safe CA is difficult to get right and easy to get wrong. This means that running a safe CA is expensive. By using a public CA (assuming it is properly secured) you share that cost among all customers of that CA, which makes it (in theory) cheaper than running your own in a similar environment.
  • Using the PKI chain as set up on the client device allows for more customization: you can decide to switch CA without having too much impact on clients and give power to end users to make their own choices when they deploy the system (they could use a different CA for the server or use their own). This makes the system more portable and adaptable.

Use a public CA - CONs

  • You now rely on the root of the trust to be properly maintained on the target device. If you use the regular root store on the device, you potentially open yourself to rogue CAs that have been inserted there.
  • You have less control over how the certificate is issued, so it is difficult (or expensive) to use certificates with non-standard properties (should your use case make use of them).
  • You usually do not control exactly what root and intermediate CAs are used to issue your final CA, which might make it difficult to use a trust anchor that isn't your end entity certificate when you want to do certificate pinning (see this).

Use a private CA - PROs

  • You have more liberty as to how you generate your certificates (specifically, you can use any property and values you want).
  • If you intend to do certificate pinning, then it is simpler to manage since you control when each element of the certificate trust chain expires.
  • Makes you less dependent on entities outside your control: you're less dependent on their potential failures and have to trust a more limited set of entities (i.e. if you trust the whole root CA store of a Windows machine, any of the entities listed in that store can issue a cert that will be accepted in your system).

Use a private CA - CONs

  • You have to properly set up and protect your root. This is more complex than it might seem, and getting it wrong might compromise the security of the whole system. This leads to higher cost (if done properly).
  • You have to solve the issue of distributing the root of your trust chain to clients in a secure way. This is usually where using a private CA fails first, because there are few ways of doing this that scale well or aren't really expensive.
  • You have to properly set up and control the way you issue certificates. Again, this is easy to get wrong and hard to get right, which also usually leads to higher costs.

Note that many of these properties are very dependent on the way you set things up and use your certificate: if you're using certificate pinning, for instance, you're more or less ignoring all of these issues except the trust anchor distribution one.

Stephane
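The CSR workflow described in the first answer and the private-root trust-anchor point in the last one, as one added example (not code from any of the answers above): a private root CA signs a CSR for a key generated locally by the subject, a client holding only that root validates the result, and a client with an unrelated root, or checking the wrong host name, rejects it. The names `Example Private Root` and `app.example.test` are constructed for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)
// must aborts this demo on any error; production code would return it instead.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// certify signs tmpl with the parent's key (24h validity) and returns the parsed certificate.
func certify(tmpl, parent *x509.Certificate, pub any, priv *ecdsa.PrivateKey) *x509.Certificate {
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, priv))))
}
// BuildPrivateCA creates a self-signed root: the trust anchor a private PKI must then distribute to clients.
func BuildPrivateCA(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) // every key here is made locally by its owner
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	return certify(tmpl, tmpl, &key.PublicKey, key), key
}
// MakeCSR is the subject side: the private key never leaves; only the CSR (public key + name) goes to the CA.
func MakeCSR(host string) ([]byte, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: host}, DNSNames: []string{host}}
	return must(x509.CreateCertificateRequest(rand.Reader, req, key)), key
}
// IssueFromCSR is the CA side: it certifies the CSR's public key and never sees the requester's private key.
func IssueFromCSR(csrDER []byte, ca *x509.Certificate, caKey *ecdsa.PrivateKey) *x509.Certificate {
	csr := must(x509.ParseCertificateRequest(csrDER))
	must(0, csr.CheckSignature()) // proof that the requester actually holds the matching private key
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: csr.Subject, DNSNames: csr.DNSNames,
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	return certify(tmpl, ca, csr.PublicKey, caKey)
}
// VerifyAgainst validates leaf for host using root as the only trust anchor, as a pinning client would.
func VerifyAgainst(leaf, root *x509.Certificate, host string) error {
	pool := x509.NewCertPool() // fresh pool: the device's system root store is deliberately not consulted
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err
}
```

A client that has the system store instead of this private root would fail exactly like the `Unrelated Root` case, which is the trust-anchor distribution problem the last answer describes.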