This section of the book covers the most important aspect of setting up an X.509-based environment. The infrastructure is made up of several important components that are tightly integrated and must be kept secure at all times.
In terms of damage due to security breaches, the X.509 infrastructure is a critical point. Such breaches can lead to data disclosure to attackers, collapse of access control, and insertion of invalid data, to name a few. Once its security has been compromised, the entire trust model collapses and needs to be rebuilt from the bottom up, including all the services which used to rely on the X.509 infrastructure.
Taking all this into account, it is clearly necessary to employ as many security precautions and mechanisms as possible when setting it all up, especially those related to the security of the certification authority itself.
Throughout this section the following components of the infrastructure will be covered:
- Certification authority, in charge of issuing certificates and certificate revocation lists.
- Certificate repository, used as a central location where certificates are kept and from where they can be retrieved for use by the users.
- CRL distribution point, used for providing a central location from which end entities can retrieve certificate revocation lists for verification purposes.
- OCSP responder, in charge of providing an on-line verification service of certificates issued by the certification authority.
- Registration authority, used for handling enrollment of end users and issuing certificates on their behalf through the certification authority.
Although these components are sufficient for the functioning of an X.509 environment, certain gaps do exist in the Free Software ecosystem. This particularly concerns the availability of decent enrollment and registration authority applications (mostly in terms of ease of use).