[Cryptography] HSM's to be required for Code Signing Certificates
Natanael
natanael.l at gmail.com
Fri Jan 27 03:01:46 EST 2017
Den 27 jan. 2017 06:09 skrev "Peter Gutmann" <pgut001 at cs.auckland.ac.nz>:
Henry Baker <hbaker1 at pipeline.com> writes:
This seems a lot like security by press release, if you look at the changes:
>The guidelines include several new features that will help businesses
defend
>their IT systems and information stores from cyber-attacks, including:
>
>* Stronger protection for private keys: The best practice will be to use a
>***FIPS 140-2 Level 2 HSM*** or equivalent. [...] Therefore, companies
must
>either ***store keys in hardware*** they keep on premise hardware, or in a
>new secure cloud-based code signing cloud-based service.
Since level 2 HSMs are expensive, not so easy to find, and a pain to use,
companies are probably going to take the other option of moving their keys
into the cloud. So instead of having the key on an, at least on theory,
isolated machine on a private LAN it's now in the cloud. Wonderful.
While unlikely to be implemented that way, it *could* be secure. Strong
emphasis on *could*.
Program the HSM to only accept customer requests that are signed by their
trusted keys, or sent over a trusted channel directly to the HSM. Any
overrides by the cloud company MUST be logged and audited by an independent
entity (such as if the customer reports they lost the authentication key).
No web interface. Too hard to protect (XSS and all that). Only a simple
secure interface with authentication protocols like U2F (phishing and
replay protected), from a secure machine.
>* Certificate revocation: Most likely, a revocation will be requested by a
>malware researcher or an application software supplier like Microsoft, if
>they discover users of their software may be installing suspect code or
>malware. After a CA receives request, it must either revoke the certificate
>within two days, or alert the requestor that it has launched an
investigation.
So the problem here was that if a malware researcher requested a revocation,
the CA typically did nothing. Now they're still free to do nothing, as long
as they claim they're investigating.
The first of those two arguably makes things worse rather than better, and
the
second is just business as usual. The final one, use of TSAs, is
necessitated
by the way certs work and mostly a no-op. "Realizing the importance of the
case, my men are rounding up twice the usual number of suspects".
Peter.
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170127/2a802b31/attachment.html>
More information about the cryptography
mailing list