PKI operators anyone?
jmaimon at ttec.com
Wed Sep 5 19:43:06 UTC 2007
Steven M. Bellovin wrote:
> The question about root key lifetime turns not just on the security
> issues but on how easy it is to change the root key, either routinely
> or in event of a compromise. To a first approximation, no certificate
> acceptor *ever* changes its notion of root keys. In that case, the
> question is how many acceptors you have, what their lifetime is, and
> how easily you can be one of the rare people who does change the root.
> That's why browsers have long-lived certificates built in -- that list
> rarely changes. You suggest an 80-year lifetime for your root key.
> How many of your current devices do you expect to be using in 80
> years? I thought so...
Hopefully none, at half-life. Thats the point.
> Beyond that, at this point I would not issue any certificates that
> expire after 03:14:07 UTC on Jan 19, 2038. Doing otherwise is just
> asking for trouble. The reason is left as an exercise for the reader.
This is actually a good point. Epoch rollover? Are you suggesting that
any cert set to expire after the epoch may tickle issues now?
> So -- I haven't answered your questions at all. Instead, I've asked
> questions of my own.
> --Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG