An emerging standard offers real-time certificate validation, necessary for any high-stakes e-commerce site.
By Ian Poynter
Network World, 02/26/01
Imagine the following scenario: You're operating an online service that trades currency futures. You've built a public-key infrastructure for distributing certificates to traders for authentication. When traders access your secure Web site, their browsers present the certificates you've issued and, based on this information, your site lets them place orders. Because your system supports transactions worth millions of dollars (and other currencies), you've made the certificates valid for six months, rather than the more common one year.
Now suppose one of your client companies dismisses a rogue trader whose certificate is valid for another three months. How can you ensure that the trader's access is immediately terminated? The answer is by using a procedure known as certificate revocation.
When a certificate is revoked, it is declared invalid before it has expired. The primary mechanism for this is the Certificate Revocation List (CRL), a digitally signed, time-stamped blacklist of revoked certificates that haven't expired. The certificate authority, which is the agency that originated the certificate, issues the CRL periodically. But CRLs have some major flaws. For one, they don't operate in real time. Many commercial certificate authorities issue CRLs only once per day at the most. This would certainly not be acceptable in our currency trading example.
Also, simply placing a certificate on the CRL isn't enough. The application requiring authentication must check the CRL each time a certificate is submitted. This is problematic for many reasons. First, a CRL quickly becomes unwieldy. Each certificate authority keeps only one CRL for each root certificate, which is a top-level certificate under which many individual certificates are issued. And the CRL is cumulative: every revoked certificate is added to the CRL and kept there until it expires.
So the CRL grows immense. For instance, CRLs for some root certificates issued by VeriSign, a major commercial certificate authority in Mountain View, Calif., can be a megabyte in size. If a certificate authority uses a single root certificate for each individual certificate it issues, as can be the case when a corporation is its own certificate authority, then all revoked certificates would be listed in one CRL. Hence, compiling, signing, transmitting, publishing and processing a CRL is a time-consuming process that eats CPU power. In the worst case, this can take seconds to complete. The time constraint and resource drain grow exponentially when a Web site must check certificates against multiple certificate authorities, as can happen after a merger when companies use different PKIs.
Another failing is that when a certificate authority updates its CRL, it overwrites the previous file, keeping no historical data.
But a mechanism that lets an application quickly verify a certificate's validity in real time is now available: the Online Certificate Status Protocol (OCSP). Standardized by the Internet Engineering Task Force in June 1999, OCSP became available in select PKI and independent validation products shortly afterward. However, because companies have only recently come to grips with PKIs, first adopters are only now beginning to implement it.
"Revocation has been the 5,000-pound elephant in the living room that everyone has been trying to ignore," says Jim Hewitt, director of consulting and technical services for CertCo, maker of OCSP validation software. "If you are relying on CRLs, you are only as good as your last CRL."
Real-time validation
Early users say they can't live without OCSP. Take, for example, TC TrustCenter, a certificate authority in Hamburg, Germany, that serves banks and other organizations in the European Union. While the company developed its PKI in-house, it purchased validation tools from KyberPass, in Ottawa.
OCSP adds the real-time status checking that TC TrustCenter's customers are beginning to demand, says Lutz Behnke, product manager for TC TrustCenter. "I think that validation should, must and will come over the next six to nine months, because people will realize that certificates are valid for too long a period. There must be a move to real-time status checks," he says.
Figure 2 (image not reproduced)
Real-time validation via OCSP helps TC TrustCenter's clients immediately terminate online financial services to customers who haven't paid their bills. "Status checks are definitely required if you want to have any chance of stopping customers using a service without paying," Behnke says.
In an OCSP-based system, when a certificate needs validation, the application passes a request to an OCSP responder, such as KyberPass' Validation TrustPlatform or ValiCert's Validation Authority. The responder verifies the certificate, informing the client whether the certificate has been revoked. The responder can be a simple repository for the latest CRLs, but it adds more value when it allows revocation of certificates in real time from an administrative interface.
The responder sits on the corporate network and answers queries from applications that need to check the validity of certificates. On the back end, the responder may contact a remote responder at the certificate authority's premises, although this isn't a necessity. Responders are sold as part of PKI products or as independent packages.
OCSP makes the power of PKI available to all applications, especially those that have high-value, high-stakes transactions. "As OCSP becomes more prevalent, revocation is something that all PKI-based applications can consider, without the need to process CRLs," CertCo's Hewitt says.
One area with an obvious, immediate need is online trading, he adds, where "the only assurance of each other's identities are various pieces of digital information, including certificates. Validation allows people to trust credentials they are presented with," Hewitt says.
Good for all
To extend OCSP or not?
The Internet Engineering Task Force defines Online Certificate Status Protocol Version 1 in RFC 2560 and is currently working on Version 2. This new version will add the ability to request information on the status of a certificate at some point in the past, a feature Certificate Revocation Lists and the current standard do not support.
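The two status-checking paths the article contrasts, a daily CRL snapshot versus a responder answering at query time, and the Version 2 history query from the sidebar, modelled as an added example that is not part of the original article and not any vendor's product. It assumes a constructed serial number, constructed timestamps and the hypothetical names CertificateAuthority, crl_status and rogue_trader_scenario; the status strings are the CertStatus values of RFC 2560.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from datetime import datetime, timedelta

GOOD, REVOKED, UNKNOWN = "good", "revoked", "unknown"  # the RFC 2560 CertStatus values
# A CRL is one signed snapshot of the unexpired revoked serials; the CA overwrites it on reissue.
CRL = namedtuple("CRL", "this_update next_update revoked")

@dataclass
class CertificateAuthority:
    issued: set = field(default_factory=set)
    revocations: dict = field(default_factory=dict)  # serial -> (revocation time, reason)
    def revoke(self, serial: int, when: datetime, reason: str) -> None:
        """Admin action: visible to OCSP at once, to CRL users only after the next issue."""
        self.revocations[serial] = (when, reason)
    def issue_crl(self, now: datetime, period=timedelta(days=1)) -> CRL:
        return CRL(now, now + period, frozenset(self.revocations))  # no history is kept
    def ocsp_status(self, serial: int, at: datetime) -> dict:
        """Answer like an OCSP SingleResponse for the instant 'at'; a past 'at' models the
        Version 2 history query the article mentions, which a CRL snapshot cannot answer."""
        if serial not in self.issued:
            return {"certStatus": UNKNOWN, "thisUpdate": at}
        rev = self.revocations.get(serial)
        if rev and rev[0] <= at:
            return {"certStatus": REVOKED, "thisUpdate": at,
                    "revocationTime": rev[0], "revocationReason": rev[1]}
        return {"certStatus": GOOD, "thisUpdate": at}

def crl_status(crl: CRL, serial: int, now: datetime) -> str:
    """What a relying party learns from a cached CRL; past nextUpdate it must not be trusted."""
    if now > crl.next_update:
        return "stale"
    return REVOKED if serial in crl.revoked else GOOD

def rogue_trader_scenario() -> dict:
    """The article's case: trader dismissed at 10:00 while the midnight CRL still vouches for him."""
    ca = CertificateAuthority(issued={1001})         # constructed serial and timestamps
    midnight = datetime(2001, 2, 26)
    daily_crl = ca.issue_crl(midnight)
    fired = midnight + timedelta(hours=10)
    ca.revoke(1001, fired, "affiliationChanged")
    order = fired + timedelta(minutes=5)
    return {
        "crl_says": crl_status(daily_crl, 1001, order),              # "good": ten hours stale
        "ocsp_says": ca.ocsp_status(1001, order)["certStatus"],     # "revoked"
        "ocsp_at_0900": ca.ocsp_status(1001, fired - timedelta(hours=1))["certStatus"],  # "good"
        "next_day_crl": crl_status(ca.issue_crl(midnight + timedelta(days=1)), 1001,
                                   midnight + timedelta(days=1, hours=1)),             # "revoked"
        "expired_crl": crl_status(daily_crl, 1001, midnight + timedelta(days=2)),      # "stale"
        "unknown_serial": ca.ocsp_status(4242, order)["certStatus"],                  # "unknown"
    }
```

The "stale" and "unknown" results are the two answers a relying party must treat as a failure rather than silently accept, since a CRL past its nextUpdate and a serial the responder has never issued both give no assurance.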
Clearly, online status checking should be part of any application that relies on certificates for authentication and authorization, and part of every certificate-based architecture. "As OCSP has become available in applications, customers have realized that online status checking is something they should be doing," Behnke says.
When considering certificate-based authentication and authorization, IT should make sure online status checking is available in the products being evaluated. Right now, that basically means looking for OCSP Version 1 support.
Real-time certificate validation is an enabler for business-to-business and business-to-consumer e-commerce because it lets participants in any transaction be sure they're dealing with up-to-the-minute information on the validity of the certificates being used. Validation in general and OCSP in particular are definitely here to stay.
Poynter is founder and president of Jerboa, Inc., an Internet security consultancy based in Cambridge, Mass. He can be reached at ian@jerboa.com.