[caops-wg] OCSP section 5.1 - key protection
Olle Mulmo
mulmo at pdc.kth.se
Tue May 31 06:25:06 CDT 2005
> *5.1
> While we do not require the use of hardware protection,
> we RECOMMEND that the security of the OCSP responder key
> be in parity with the CA issuing key.
>
> [This is a meaningless recommendation, because we have no single
> standard for CA issuing keys. Also, there are differences in the
> way OCSP and CA issuers are handled - you can change the OCSP
> key pair every hour if you want. Disagree about HSM.
Reading the text again, I realize that I had Authorized responders in
mind. What the text says is that there should be some correlation between
how securely you operate your CA, and how securely you provide current
status of those certificates. This comment should be expanded and moved
elsewhere.
I have no problems adding your suggested text:
> Access to OCSP responder keys must be carefully controlled.
> In all cases system level access to OCSP responder systems must
> be limited and logged. Access to key backup media must also
> be limited and logged. For OCSP responders using software crypto
> stores, we recommend that this key NOT be backed up. We also
> recommend the key be changed more frequently than end user signing
> keys.
> These steps can reduce but not eliminate the demand for hardware
> crypto stores; hardware security modules should be used for high
> visibility OCSP responders (see also prev paragraph?).
> Service providers should also consider transponder configurations
> to reduce the number of highly secured OCSP responder keys needed.