Re: [Pki-devel] lightweight sub-CAs; updated design

On Wed, Oct 15, 2014 at 01:38:09AM -0400, Ade Lee wrote: > On Wed, 2014-10-15 at 01:15 -0400, Ade Lee wrote: > > On Fri, 2014-10-03 at 17:54 +1000, Fraser Tweedale wrote: > > > Hi all, > > > > > > Just landed a big update to the lightweight sub-CAs design > > > proposal: http://pki.fedoraproject.org/wiki/Lightweight_sub-CAs. > > > > > > I plan to start the implementing next week. Aside from general > > > design review, specific things I need input on are: > > > > > > 1) > > > > > > How to propagate newly-generated sub-CA private keys to clones > > > in an automated way, and how to store them. > > > > > I'll comment about that in the IPA thread. I had thought that the > > keys etc. would reside in the primary CA certdb. > > > Actually, I'll respond here because the IPA thread has moved > slightly away from this. In the IPA thread, there is discussion of > storing the keys in ldap encrypted by some master key - which > presumably would be stored in the certdb. > > Decrypting the signing key and keeping it in memory is absolutely a > no-no. The CA signing key material should only be present in the > HSM/softoken - and should never be exposed unencryted outside the > token. All crypto operations must be done there. That most likely > means storing the data in the NSS certdb. > The design of key distribution could follow the DNSSEC design; see Petr Spacek's comments in this thread: https://www.redhat.com/archives/freeipa-devel/2014-October/msg00080.html Presumably this design for key distribution has received some thorough attention. Perhaps some of the assumption for DNSSEC do not hold for Dogtag. I have copied Petr and Simo for their input.