Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does certificate revocation work with intermediate CA's?

Tags:

ssl

openssl

ssl-certificate

x509certificate

certificate-revocation

Suppose a PKI hierarchy like below.

root CA ==> inter-1 CA ==> user-1
  \
   \======> inter-2 CA ==> user-2

My question is: does root CA also need to periodically download CRL from its children: inter-1 and inter-2?

Since user-1 and user-2 can authenticate each other, if user-2's certificate is revoked by inter-2, inter-2 should let root know and then propagate to inter-1 and user-1, right?

If so, it seems quite complicated. Is there any tool to use for managing the revocation logic? Thanks a lot.

like image 379
user180574 Avatar asked Nov 13 '13 18:11

user180574

People also ask

What happens when an intermediate CA is revoked?

According to CA/B Forum rules, these intermediate CA certificates should be revoked within 7 days. However, because revoking the intermediate CA also invalidates all certificates that have been issued by that CA, the impact is exponential.

How does a certificate revocation list work?

It is a type of blocklist that includes certificates that should no longer be trusted and is used by various endpoints, including web browsers, to verify if a certificate is valid and trustworthy. The CRL file is signed by the CA to prevent tampering.

Under what circumstances might a Certificate Authority revoke a certificate?

A certificate is irreversibly revoked if, for example, it is discovered that the certificate authority (CA) had improperly issued a certificate, or if a private-key is thought to have been compromised.

How does an intermediate certificate work?

An intermediate certificate works as a substitute of a root certificate because root certificate has its own security layers assuring that its keys remain unobtainable. Intermediate certificate plays a “Chain of Trust” between an end entity certificate and a root certificate.

How do I cancel my intermediate certificate?

Go to Tools->Internet Options->Content tab 2. Click on Certificates and go to the Intermediate Certification Authorities tab 3. Remove any of the following certs that are found.

What happens if CRL is unavailable?

If no CRL is available, it is expired or doesn't contain the host serial number then NO error message is displayed. That is the specific behavior of IE.

1 Answers

No, revocation of certificate is not propagated across the CA tree. Each CA (root and intermediate in your case) is responsible of the publication of the CRL containing the list of only the revoked certificates that were issued by this CA.

An example:

Root CA publishes a CRL for the certificates issued by Root CA: inter-1 CA and inter-2 CA. Root CA is not aware of the user-1 and user-2 certificates or their revocation status.

inter-1 CA (resp inter-2 CA) publishes a CRL containing the list of revoked certificates issued by inter-1 CA (resp inter-2 CA) and only these certificates.

CRL Root CA   CRL inter-1 CA 
  ^             ^
  |             |
root CA ==> inter-1 CA ==> user-1
  |
  |           CRL inter-2 CA 
  |             ^
  \             |
   \======> inter-2 CA ==> user-2

if user-1 certificate is revoked, this certificate (actually its serial number) will only appear in the CRL published by inter-1 CA.

When someone wants to check the validity the user-1 certificate the process is as follows:

  1. build the certificate chain between the certificate and a trusted CA: user-1 / inter-1 CA / root CA
  2. fetch the CRL for the first certificate in the list
  3. verify the signature of the CRL
  4. check the status of the first certificate in the list against this CRL
  5. if the status is not revoked, remove the certificate from the list and go to 2. otherwise fail
  6. if the list contains only the trusted CA, check the chain of signature of the certificates (a certificate must be signed by the following certificate in the list)
  7. if all signature have been checked and are valid, the user-1 certificate is valid.

Note that validating the CRL signature can trigger a validation of another certificate chain : i.e. this algorithm can be recursive. Actually the X.509 certificate validation algorithm is (very) complex and I just summarize the principles here.

like image 189
Jcs Avatar answered Sep 18 '22 12:09

Jcs
Sign in to Comment

Related questions

openssl ssl_connect blocks forever - how to set timeout?
Verify Incoming SSL Using OpenSSL S_Server
.Net SslStream with Client Certificate
How to setup Letsencrypt for Google Cloud Compute Engine load balancer?
How to set up HTTPS for local testing purposes?
Java CertificateException "No subject alternative names matching IP address ... found"
helm: x509: certificate signed by unknown authority
Nginx SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share
SSL: How are certificates protected against man in the middle attacks?
How to correctly send binary data over HTTPS POST?
Create app with SSLSocket Java
Can't get https working on Elastic Load Balancer (AWS)
visual studio relentlessly prompts to trust the IIS Express SSL Certificate
How do I get the private key for a GoDaddy certificate so I can install it on Ubuntu 14+?
ImportError: cannot import name RAND_egd
I'm getting a MailKit.Security.SslHandshakeException when trying to connect to "smtp.office365.com"
Indy 10 - IdSMTP.Connect raising "Could not load SSL library."
ssl certificate- get private key from csr
Adding SSL support to existing TCP & UDP code?
got java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty when using cas [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!